Implement NtAccessCheck.
[wine/gsoc-2012-control.git] / dlls / advapi32 / security.c
blob5bbb4eaf300591431ab80a86268363af33a8cd50
1 /*
2 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
3 * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 #include <stdarg.h>
22 #include <string.h>
24 #include "windef.h"
25 #include "winbase.h"
26 #include "winerror.h"
27 #include "rpcnterr.h"
28 #include "winreg.h"
29 #include "winternl.h"
30 #include "ntstatus.h"
31 #include "ntsecapi.h"
32 #include "accctrl.h"
33 #include "sddl.h"
34 #include "winsvc.h"
35 #include "aclapi.h"
37 #include "wine/debug.h"
38 #include "wine/unicode.h"
40 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
42 static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes);
43 static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
44 PACL pAcl, LPDWORD cBytes);
45 static BYTE ParseAceStringFlags(LPCWSTR* StringAcl);
46 static BYTE ParseAceStringType(LPCWSTR* StringAcl);
47 static DWORD ParseAceStringRights(LPCWSTR* StringAcl);
48 static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
49 LPCWSTR StringSecurityDescriptor,
50 SECURITY_DESCRIPTOR* SecurityDescriptor,
51 LPDWORD cBytes);
52 static DWORD ParseAclStringFlags(LPCWSTR* StringAcl);
54 typedef struct _ACEFLAG
56 LPCWSTR wstr;
57 DWORD value;
58 } ACEFLAG, *LPACEFLAG;
60 static SID const sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } };
63 * ACE access rights
65 static const WCHAR SDDL_READ_CONTROL[] = {'R','C',0};
66 static const WCHAR SDDL_WRITE_DAC[] = {'W','D',0};
67 static const WCHAR SDDL_WRITE_OWNER[] = {'W','O',0};
68 static const WCHAR SDDL_STANDARD_DELETE[] = {'S','D',0};
69 static const WCHAR SDDL_GENERIC_ALL[] = {'G','A',0};
70 static const WCHAR SDDL_GENERIC_READ[] = {'G','R',0};
71 static const WCHAR SDDL_GENERIC_WRITE[] = {'G','W',0};
72 static const WCHAR SDDL_GENERIC_EXECUTE[] = {'G','X',0};
75 * ACE types
77 static const WCHAR SDDL_ACCESS_ALLOWED[] = {'A',0};
78 static const WCHAR SDDL_ACCESS_DENIED[] = {'D',0};
79 static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED[] = {'O','A',0};
80 static const WCHAR SDDL_OBJECT_ACCESS_DENIED[] = {'O','D',0};
81 static const WCHAR SDDL_AUDIT[] = {'A','U',0};
82 static const WCHAR SDDL_ALARM[] = {'A','L',0};
83 static const WCHAR SDDL_OBJECT_AUDIT[] = {'O','U',0};
84 static const WCHAR SDDL_OBJECT_ALARMp[] = {'O','L',0};
87 * ACE flags
89 static const WCHAR SDDL_CONTAINER_INHERIT[] = {'C','I',0};
90 static const WCHAR SDDL_OBJECT_INHERIT[] = {'O','I',0};
91 static const WCHAR SDDL_NO_PROPAGATE[] = {'N','P',0};
92 static const WCHAR SDDL_INHERIT_ONLY[] = {'I','O',0};
93 static const WCHAR SDDL_INHERITED[] = {'I','D',0};
94 static const WCHAR SDDL_AUDIT_SUCCESS[] = {'S','A',0};
95 static const WCHAR SDDL_AUDIT_FAILURE[] = {'F','A',0};
97 /* set last error code from NT status and get the proper boolean return value */
98 /* used for functions that are a simple wrapper around the corresponding ntdll API */
99 static inline BOOL set_ntstatus( NTSTATUS status )
101 if (status) SetLastError( RtlNtStatusToDosError( status ));
102 return !status;
105 static void dumpLsaAttributes( PLSA_OBJECT_ATTRIBUTES oa )
107 if (oa)
109 TRACE("\n\tlength=%lu, rootdir=%p, objectname=%s\n\tattr=0x%08lx, sid=%p qos=%p\n",
110 oa->Length, oa->RootDirectory,
111 oa->ObjectName?debugstr_w(oa->ObjectName->Buffer):"null",
112 oa->Attributes, oa->SecurityDescriptor, oa->SecurityQualityOfService);
116 #define WINE_SIZE_OF_WORLD_ACCESS_ACL (sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD))
118 static void GetWorldAccessACL(PACL pACL)
120 PACCESS_ALLOWED_ACE pACE = (PACCESS_ALLOWED_ACE) (pACL + 1);
122 pACL->AclRevision = ACL_REVISION;
123 pACL->Sbz1 = 0;
124 pACL->AclSize = WINE_SIZE_OF_WORLD_ACCESS_ACL;
125 pACL->AceCount = 1;
126 pACL->Sbz2 = 0;
128 pACE->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
129 pACE->Header.AceFlags = CONTAINER_INHERIT_ACE;
130 pACE->Header.AceSize = sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD);
131 pACE->Mask = 0xf3ffffff; /* Everything except reserved bits */
132 memcpy(&pACE->SidStart, &sidWorld, sizeof(sidWorld));
135 /************************************************************
136 * ADVAPI_IsLocalComputer
138 * Checks whether the server name indicates local machine.
140 BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
142 if (!ServerName)
144 return TRUE;
146 else if (!ServerName[0])
148 return TRUE;
150 else
152 DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
153 BOOL Result;
154 LPWSTR buf;
156 buf = HeapAlloc(GetProcessHeap(), 0, dwSize * sizeof(WCHAR));
157 Result = GetComputerNameW(buf, &dwSize);
158 if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
159 ServerName += 2;
160 Result = Result && !lstrcmpW(ServerName, buf);
161 HeapFree(GetProcessHeap(), 0, buf);
163 return Result;
167 #define ADVAPI_ForceLocalComputer(ServerName, FailureCode) \
168 if (!ADVAPI_IsLocalComputer(ServerName)) \
170 FIXME("Action Implemented for local computer only. " \
171 "Requested for server %s\n", debugstr_w(ServerName)); \
172 return FailureCode; \
175 /* ##############################
176 ###### TOKEN FUNCTIONS ######
177 ##############################
180 /******************************************************************************
181 * OpenProcessToken [ADVAPI32.@]
182 * Opens the access token associated with a process handle.
184 * PARAMS
185 * ProcessHandle [I] Handle to process
186 * DesiredAccess [I] Desired access to process
187 * TokenHandle [O] Pointer to handle of open access token
189 * RETURNS
190 * Success: TRUE. TokenHandle contains the access token.
191 * Failure: FALSE.
193 * NOTES
194 * See NtOpenProcessToken.
196 BOOL WINAPI
197 OpenProcessToken( HANDLE ProcessHandle, DWORD DesiredAccess,
198 HANDLE *TokenHandle )
200 return set_ntstatus(NtOpenProcessToken( ProcessHandle, DesiredAccess, TokenHandle ));
203 /******************************************************************************
204 * OpenThreadToken [ADVAPI32.@]
206 * Opens the access token associated with a thread handle.
208 * PARAMS
209 * ThreadHandle [I] Handle to process
210 * DesiredAccess [I] Desired access to the thread
211 * OpenAsSelf [I] ???
212 * TokenHandle [O] Destination for the token handle
214 * RETURNS
215 * Success: TRUE. TokenHandle contains the access token.
216 * Failure: FALSE.
218 * NOTES
219 * See NtOpenThreadToken.
221 BOOL WINAPI
222 OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
223 BOOL OpenAsSelf, HANDLE *TokenHandle)
225 return set_ntstatus( NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
228 BOOL WINAPI
229 AdjustTokenGroups( HANDLE TokenHandle, BOOL ResetToDefault, PTOKEN_GROUPS NewState,
230 DWORD BufferLength, PTOKEN_GROUPS PreviousState, PDWORD ReturnLength )
232 return set_ntstatus( NtAdjustGroupsToken(TokenHandle, ResetToDefault, NewState, BufferLength,
233 PreviousState, ReturnLength));
236 /******************************************************************************
237 * AdjustTokenPrivileges [ADVAPI32.@]
239 * Adjust the privileges of an open token handle.
241 * PARAMS
242 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
243 * DisableAllPrivileges [I] TRUE=Remove all privileges, FALSE=Use NewState
244 * NewState [I] Desired new privileges of the token
245 * BufferLength [I] Length of NewState
246 * PreviousState [O] Destination for the previous state
247 * ReturnLength [I/O] Size of PreviousState
250 * RETURNS
251 * Success: TRUE. Privileges are set to NewState and PreviousState is updated.
252 * Failure: FALSE.
254 * NOTES
255 * See NtAdjustPrivilegesToken.
257 BOOL WINAPI
258 AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges,
259 LPVOID NewState, DWORD BufferLength,
260 LPVOID PreviousState, LPDWORD ReturnLength )
262 NTSTATUS status;
264 TRACE("\n");
266 status = NtAdjustPrivilegesToken(TokenHandle, DisableAllPrivileges,
267 NewState, BufferLength, PreviousState,
268 ReturnLength);
269 SetLastError( RtlNtStatusToDosError( status ));
270 if ((status == STATUS_SUCCESS) || (status == STATUS_NOT_ALL_ASSIGNED))
271 return TRUE;
272 else
273 return FALSE;
276 /******************************************************************************
277 * CheckTokenMembership [ADVAPI32.@]
279 * Determine if an access token is a member of a SID.
281 * PARAMS
282 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
283 * SidToCheck [I] SID that possibly contains the token
284 * IsMember [O] Destination for result.
286 * RETURNS
287 * Success: TRUE. IsMember is TRUE if TokenHandle is a member, FALSE otherwise.
288 * Failure: FALSE.
290 BOOL WINAPI
291 CheckTokenMembership( HANDLE TokenHandle, PSID SidToCheck,
292 PBOOL IsMember )
294 FIXME("(%p %p %p) stub!\n", TokenHandle, SidToCheck, IsMember);
296 *IsMember = TRUE;
297 return(TRUE);
300 /******************************************************************************
301 * GetTokenInformation [ADVAPI32.@]
303 * PARAMS
304 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
305 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
306 * tokeninfo [O] Destination for token information
307 * tokeninfolength [I] Length of tokeninfo
308 * retlen [O] Destination for returned token information length
310 * RETURNS
311 * Success: TRUE. tokeninfo contains retlen bytes of token information
312 * Failure: FALSE.
314 * NOTES
315 * See NtQueryInformationToken.
317 BOOL WINAPI
318 GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
319 LPVOID tokeninfo, DWORD tokeninfolength, LPDWORD retlen )
321 TRACE("(%p, %s, %p, %ld, %p): \n",
322 token,
323 (tokeninfoclass == TokenUser) ? "TokenUser" :
324 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
325 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
326 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
327 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
328 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
329 (tokeninfoclass == TokenSource) ? "TokenSource" :
330 (tokeninfoclass == TokenType) ? "TokenType" :
331 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
332 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
333 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
334 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
335 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
336 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
337 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
338 "Unknown",
339 tokeninfo, tokeninfolength, retlen);
340 return set_ntstatus( NtQueryInformationToken( token, tokeninfoclass, tokeninfo,
341 tokeninfolength, retlen));
344 /******************************************************************************
345 * SetTokenInformation [ADVAPI32.@]
347 * Set information for an access token.
349 * PARAMS
350 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
351 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
352 * tokeninfo [I] Token information to set
353 * tokeninfolength [I] Length of tokeninfo
355 * RETURNS
356 * Success: TRUE. The information for the token is set to tokeninfo.
357 * Failure: FALSE.
359 BOOL WINAPI
360 SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
361 LPVOID tokeninfo, DWORD tokeninfolength )
363 TRACE("(%p, %s, %p, %ld): stub\n",
364 token,
365 (tokeninfoclass == TokenUser) ? "TokenUser" :
366 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
367 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
368 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
369 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
370 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
371 (tokeninfoclass == TokenSource) ? "TokenSource" :
372 (tokeninfoclass == TokenType) ? "TokenType" :
373 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
374 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
375 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
376 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
377 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
378 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
379 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
380 "Unknown",
381 tokeninfo, tokeninfolength);
383 return set_ntstatus( NtSetInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength ));
386 /*************************************************************************
387 * SetThreadToken [ADVAPI32.@]
389 * Assigns an 'impersonation token' to a thread so it can assume the
390 * security privileges of another thread or process. Can also remove
391 * a previously assigned token.
393 * PARAMS
394 * thread [O] Handle to thread to set the token for
395 * token [I] Token to set
397 * RETURNS
398 * Success: TRUE. The threads access token is set to token
399 * Failure: FALSE.
401 * NOTES
402 * Only supported on NT or higher. On Win9X this function does nothing.
403 * See SetTokenInformation.
405 BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
407 return set_ntstatus( NtSetInformationThread( thread ? *thread : GetCurrentThread(),
408 ThreadImpersonationToken, &token, sizeof token ));
411 /* ##############################
412 ###### SID FUNCTIONS ######
413 ##############################
416 /******************************************************************************
417 * AllocateAndInitializeSid [ADVAPI32.@]
419 * PARAMS
420 * pIdentifierAuthority []
421 * nSubAuthorityCount []
422 * nSubAuthority0 []
423 * nSubAuthority1 []
424 * nSubAuthority2 []
425 * nSubAuthority3 []
426 * nSubAuthority4 []
427 * nSubAuthority5 []
428 * nSubAuthority6 []
429 * nSubAuthority7 []
430 * pSid []
432 BOOL WINAPI
433 AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
434 BYTE nSubAuthorityCount,
435 DWORD nSubAuthority0, DWORD nSubAuthority1,
436 DWORD nSubAuthority2, DWORD nSubAuthority3,
437 DWORD nSubAuthority4, DWORD nSubAuthority5,
438 DWORD nSubAuthority6, DWORD nSubAuthority7,
439 PSID *pSid )
441 return set_ntstatus( RtlAllocateAndInitializeSid(
442 pIdentifierAuthority, nSubAuthorityCount,
443 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
444 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
445 pSid ));
448 /******************************************************************************
449 * FreeSid [ADVAPI32.@]
451 * PARAMS
452 * pSid []
454 PVOID WINAPI
455 FreeSid( PSID pSid )
457 RtlFreeSid(pSid);
458 return NULL; /* is documented like this */
461 /******************************************************************************
462 * CopySid [ADVAPI32.@]
464 * PARAMS
465 * nDestinationSidLength []
466 * pDestinationSid []
467 * pSourceSid []
469 BOOL WINAPI
470 CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
472 return RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid);
475 BOOL WINAPI
476 IsTokenRestricted( HANDLE TokenHandle )
478 FIXME("%p - stub\n", TokenHandle);
480 return FALSE;
483 /******************************************************************************
484 * IsValidSid [ADVAPI32.@]
486 * PARAMS
487 * pSid []
489 BOOL WINAPI
490 IsValidSid( PSID pSid )
492 return RtlValidSid( pSid );
495 /******************************************************************************
496 * EqualSid [ADVAPI32.@]
498 * PARAMS
499 * pSid1 []
500 * pSid2 []
502 BOOL WINAPI
503 EqualSid( PSID pSid1, PSID pSid2 )
505 return RtlEqualSid( pSid1, pSid2 );
508 /******************************************************************************
509 * EqualPrefixSid [ADVAPI32.@]
511 BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
513 return RtlEqualPrefixSid(pSid1, pSid2);
516 /******************************************************************************
517 * GetSidLengthRequired [ADVAPI32.@]
519 * PARAMS
520 * nSubAuthorityCount []
522 DWORD WINAPI
523 GetSidLengthRequired( BYTE nSubAuthorityCount )
525 return RtlLengthRequiredSid(nSubAuthorityCount);
528 /******************************************************************************
529 * InitializeSid [ADVAPI32.@]
531 * PARAMS
532 * pIdentifierAuthority []
534 BOOL WINAPI
535 InitializeSid (
536 PSID pSid,
537 PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
538 BYTE nSubAuthorityCount)
540 return RtlInitializeSid(pSid, pIdentifierAuthority, nSubAuthorityCount);
543 DWORD WINAPI
544 GetEffectiveRightsFromAclA( PACL pacl, PTRUSTEEA pTrustee, PACCESS_MASK pAccessRights )
546 FIXME("%p %p %p - stub\n", pacl, pTrustee, pAccessRights);
548 return 1;
551 DWORD WINAPI
552 GetEffectiveRightsFromAclW( PACL pacl, PTRUSTEEW pTrustee, PACCESS_MASK pAccessRights )
554 FIXME("%p %p %p - stub\n", pacl, pTrustee, pAccessRights);
556 return 1;
559 /******************************************************************************
560 * GetSidIdentifierAuthority [ADVAPI32.@]
562 * PARAMS
563 * pSid []
565 PSID_IDENTIFIER_AUTHORITY WINAPI
566 GetSidIdentifierAuthority( PSID pSid )
568 return RtlIdentifierAuthoritySid(pSid);
571 /******************************************************************************
572 * GetSidSubAuthority [ADVAPI32.@]
574 * PARAMS
575 * pSid []
576 * nSubAuthority []
578 PDWORD WINAPI
579 GetSidSubAuthority( PSID pSid, DWORD nSubAuthority )
581 return RtlSubAuthoritySid(pSid, nSubAuthority);
584 /******************************************************************************
585 * GetSidSubAuthorityCount [ADVAPI32.@]
587 * PARAMS
588 * pSid []
590 PUCHAR WINAPI
591 GetSidSubAuthorityCount (PSID pSid)
593 return RtlSubAuthorityCountSid(pSid);
596 /******************************************************************************
597 * GetLengthSid [ADVAPI32.@]
599 * PARAMS
600 * pSid []
602 DWORD WINAPI
603 GetLengthSid (PSID pSid)
605 return RtlLengthSid(pSid);
608 /* ##############################################
609 ###### SECURITY DESCRIPTOR FUNCTIONS ######
610 ##############################################
613 /******************************************************************************
614 * InitializeSecurityDescriptor [ADVAPI32.@]
616 * PARAMS
617 * pDescr []
618 * revision []
620 BOOL WINAPI
621 InitializeSecurityDescriptor( PSECURITY_DESCRIPTOR pDescr, DWORD revision )
623 return set_ntstatus( RtlCreateSecurityDescriptor(pDescr, revision ));
627 /******************************************************************************
628 * MakeAbsoluteSD [ADVAPI32.@]
630 BOOL WINAPI MakeAbsoluteSD (
631 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
632 OUT PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
633 OUT LPDWORD lpdwAbsoluteSecurityDescriptorSize,
634 OUT PACL pDacl,
635 OUT LPDWORD lpdwDaclSize,
636 OUT PACL pSacl,
637 OUT LPDWORD lpdwSaclSize,
638 OUT PSID pOwner,
639 OUT LPDWORD lpdwOwnerSize,
640 OUT PSID pPrimaryGroup,
641 OUT LPDWORD lpdwPrimaryGroupSize)
643 return set_ntstatus( RtlSelfRelativeToAbsoluteSD(pSelfRelativeSecurityDescriptor,
644 pAbsoluteSecurityDescriptor,
645 lpdwAbsoluteSecurityDescriptorSize,
646 pDacl, lpdwDaclSize, pSacl, lpdwSaclSize,
647 pOwner, lpdwOwnerSize,
648 pPrimaryGroup, lpdwPrimaryGroupSize));
651 BOOL WINAPI GetKernelObjectSecurity(
652 HANDLE Handle,
653 SECURITY_INFORMATION RequestedInformation,
654 PSECURITY_DESCRIPTOR pSecurityDescriptor,
655 DWORD nLength,
656 LPDWORD lpnLengthNeeded )
658 FIXME("%p 0x%08lx %p 0x%08lx %p - stub\n", Handle, RequestedInformation,
659 pSecurityDescriptor, nLength, lpnLengthNeeded);
661 return FALSE;
664 BOOL WINAPI GetPrivateObjectSecurity(
665 PSECURITY_DESCRIPTOR ObjectDescriptor,
666 SECURITY_INFORMATION SecurityInformation,
667 PSECURITY_DESCRIPTOR ResultantDescriptor,
668 DWORD DescriptorLength,
669 PDWORD ReturnLength )
671 FIXME("%p 0x%08lx %p 0x%08lx %p - stub\n", ObjectDescriptor, SecurityInformation,
672 ResultantDescriptor, DescriptorLength, ReturnLength);
674 return FALSE;
677 /******************************************************************************
678 * GetSecurityDescriptorLength [ADVAPI32.@]
680 DWORD WINAPI GetSecurityDescriptorLength( PSECURITY_DESCRIPTOR pDescr)
682 return RtlLengthSecurityDescriptor(pDescr);
685 /******************************************************************************
686 * GetSecurityDescriptorOwner [ADVAPI32.@]
688 * PARAMS
689 * pOwner []
690 * lpbOwnerDefaulted []
692 BOOL WINAPI
693 GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pDescr, PSID *pOwner,
694 LPBOOL lpbOwnerDefaulted )
696 BOOLEAN defaulted;
697 BOOL ret = set_ntstatus( RtlGetOwnerSecurityDescriptor( pDescr, pOwner, &defaulted ));
698 *lpbOwnerDefaulted = defaulted;
699 return ret;
702 /******************************************************************************
703 * SetSecurityDescriptorOwner [ADVAPI32.@]
705 * PARAMS
707 BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
708 PSID pOwner, BOOL bOwnerDefaulted)
710 return set_ntstatus( RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
712 /******************************************************************************
713 * GetSecurityDescriptorGroup [ADVAPI32.@]
715 BOOL WINAPI GetSecurityDescriptorGroup(
716 PSECURITY_DESCRIPTOR SecurityDescriptor,
717 PSID *Group,
718 LPBOOL GroupDefaulted)
720 BOOLEAN defaulted;
721 BOOL ret = set_ntstatus( RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, &defaulted ));
722 *GroupDefaulted = defaulted;
723 return ret;
725 /******************************************************************************
726 * SetSecurityDescriptorGroup [ADVAPI32.@]
728 BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
729 PSID Group, BOOL GroupDefaulted)
731 return set_ntstatus( RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
734 /******************************************************************************
735 * IsValidSecurityDescriptor [ADVAPI32.@]
737 * PARAMS
738 * lpsecdesc []
740 BOOL WINAPI
741 IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
743 return set_ntstatus( RtlValidSecurityDescriptor(SecurityDescriptor));
746 /******************************************************************************
747 * GetSecurityDescriptorDacl [ADVAPI32.@]
749 BOOL WINAPI GetSecurityDescriptorDacl(
750 IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
751 OUT LPBOOL lpbDaclPresent,
752 OUT PACL *pDacl,
753 OUT LPBOOL lpbDaclDefaulted)
755 BOOLEAN present, defaulted;
756 BOOL ret = set_ntstatus( RtlGetDaclSecurityDescriptor(pSecurityDescriptor, &present, pDacl, &defaulted));
757 *lpbDaclPresent = present;
758 *lpbDaclDefaulted = defaulted;
759 return ret;
762 /******************************************************************************
763 * SetSecurityDescriptorDacl [ADVAPI32.@]
765 BOOL WINAPI
766 SetSecurityDescriptorDacl (
767 PSECURITY_DESCRIPTOR lpsd,
768 BOOL daclpresent,
769 PACL dacl,
770 BOOL dacldefaulted )
772 return set_ntstatus( RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ) );
774 /******************************************************************************
775 * GetSecurityDescriptorSacl [ADVAPI32.@]
777 BOOL WINAPI GetSecurityDescriptorSacl(
778 IN PSECURITY_DESCRIPTOR lpsd,
779 OUT LPBOOL lpbSaclPresent,
780 OUT PACL *pSacl,
781 OUT LPBOOL lpbSaclDefaulted)
783 BOOLEAN present, defaulted;
784 BOOL ret = set_ntstatus( RtlGetSaclSecurityDescriptor(lpsd, &present, pSacl, &defaulted) );
785 *lpbSaclPresent = present;
786 *lpbSaclDefaulted = defaulted;
787 return ret;
790 /**************************************************************************
791 * SetSecurityDescriptorSacl [ADVAPI32.@]
793 BOOL WINAPI SetSecurityDescriptorSacl (
794 PSECURITY_DESCRIPTOR lpsd,
795 BOOL saclpresent,
796 PACL lpsacl,
797 BOOL sacldefaulted)
799 return set_ntstatus (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
801 /******************************************************************************
802 * MakeSelfRelativeSD [ADVAPI32.@]
804 * PARAMS
805 * lpabssecdesc []
806 * lpselfsecdesc []
807 * lpbuflen []
809 BOOL WINAPI
810 MakeSelfRelativeSD(
811 IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
812 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
813 IN OUT LPDWORD lpdwBufferLength)
815 return set_ntstatus( RtlMakeSelfRelativeSD( pAbsoluteSecurityDescriptor,
816 pSelfRelativeSecurityDescriptor, lpdwBufferLength));
819 /******************************************************************************
820 * GetSecurityDescriptorControl [ADVAPI32.@]
823 BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR pSecurityDescriptor,
824 PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
826 return set_ntstatus( RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
829 /* ##############################
830 ###### ACL FUNCTIONS ######
831 ##############################
834 /*************************************************************************
835 * InitializeAcl [ADVAPI32.@]
837 BOOL WINAPI InitializeAcl(PACL acl, DWORD size, DWORD rev)
839 return set_ntstatus( RtlCreateAcl(acl, size, rev));
842 BOOL WINAPI ImpersonateNamedPipeClient( HANDLE hNamedPipe )
844 FIXME("%p - stub\n", hNamedPipe);
846 return FALSE;
849 /******************************************************************************
850 * AddAccessAllowedAce [ADVAPI32.@]
852 BOOL WINAPI AddAccessAllowedAce(
853 IN OUT PACL pAcl,
854 IN DWORD dwAceRevision,
855 IN DWORD AccessMask,
856 IN PSID pSid)
858 return set_ntstatus(RtlAddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid));
861 /******************************************************************************
862 * AddAccessAllowedAceEx [ADVAPI32.@]
864 BOOL WINAPI AddAccessAllowedAceEx(
865 IN OUT PACL pAcl,
866 IN DWORD dwAceRevision,
867 IN DWORD AceFlags,
868 IN DWORD AccessMask,
869 IN PSID pSid)
871 return set_ntstatus(RtlAddAccessAllowedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
874 /******************************************************************************
875 * AddAccessDeniedAce [ADVAPI32.@]
877 BOOL WINAPI AddAccessDeniedAce(
878 IN OUT PACL pAcl,
879 IN DWORD dwAceRevision,
880 IN DWORD AccessMask,
881 IN PSID pSid)
883 return set_ntstatus(RtlAddAccessDeniedAce(pAcl, dwAceRevision, AccessMask, pSid));
886 /******************************************************************************
887 * AddAccessDeniedAceEx [ADVAPI32.@]
889 BOOL WINAPI AddAccessDeniedAceEx(
890 IN OUT PACL pAcl,
891 IN DWORD dwAceRevision,
892 IN DWORD AceFlags,
893 IN DWORD AccessMask,
894 IN PSID pSid)
896 return set_ntstatus(RtlAddAccessDeniedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
899 /******************************************************************************
900 * AddAce [ADVAPI32.@]
902 BOOL WINAPI AddAce(
903 IN OUT PACL pAcl,
904 IN DWORD dwAceRevision,
905 IN DWORD dwStartingAceIndex,
906 LPVOID pAceList,
907 DWORD nAceListLength)
909 return set_ntstatus(RtlAddAce(pAcl, dwAceRevision, dwStartingAceIndex, pAceList, nAceListLength));
912 /******************************************************************************
913 * DeleteAce [ADVAPI32.@]
915 BOOL WINAPI DeleteAce(PACL pAcl, DWORD dwAceIndex)
917 return set_ntstatus(RtlDeleteAce(pAcl, dwAceIndex));
920 /******************************************************************************
921 * FindFirstFreeAce [ADVAPI32.@]
923 BOOL WINAPI FindFirstFreeAce(IN PACL pAcl, LPVOID * pAce)
925 return RtlFirstFreeAce(pAcl, (PACE_HEADER *)pAce);
928 /******************************************************************************
929 * GetAce [ADVAPI32.@]
931 BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
933 return set_ntstatus(RtlGetAce(pAcl, dwAceIndex, pAce));
936 /******************************************************************************
937 * GetAclInformation [ADVAPI32.@]
939 BOOL WINAPI GetAclInformation(
940 PACL pAcl,
941 LPVOID pAclInformation,
942 DWORD nAclInformationLength,
943 ACL_INFORMATION_CLASS dwAclInformationClass)
945 return set_ntstatus(RtlQueryInformationAcl(pAcl, pAclInformation,
946 nAclInformationLength, dwAclInformationClass));
949 /******************************************************************************
950 * IsValidAcl [ADVAPI32.@]
952 BOOL WINAPI IsValidAcl(IN PACL pAcl)
954 return RtlValidAcl(pAcl);
957 /* ##############################
958 ###### MISC FUNCTIONS ######
959 ##############################
962 /******************************************************************************
963 * AllocateLocallyUniqueId [ADVAPI32.@]
965 * PARAMS
966 * lpLuid []
968 BOOL WINAPI AllocateLocallyUniqueId( PLUID lpLuid )
970 return set_ntstatus(NtAllocateLocallyUniqueId(lpLuid));
973 static const WCHAR SE_CREATE_TOKEN_NAME_W[] =
974 { 'S','e','C','r','e','a','t','e','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
975 static const WCHAR SE_ASSIGNPRIMARYTOKEN_NAME_W[] =
976 { 'S','e','A','s','s','i','g','n','P','r','i','m','a','r','y','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
977 static const WCHAR SE_LOCK_MEMORY_NAME_W[] =
978 { 'S','e','L','o','c','k','M','e','m','o','r','y','P','r','i','v','i','l','e','g','e',0 };
979 static const WCHAR SE_INCREASE_QUOTA_NAME_W[] =
980 { 'S','e','I','n','c','r','e','a','s','e','Q','u','o','t','a','P','r','i','v','i','l','e','g','e',0 };
981 static const WCHAR SE_MACHINE_ACCOUNT_NAME_W[] =
982 { 'S','e','M','a','c','h','i','n','e','A','c','c','o','u','n','t','P','r','i','v','i','l','e','g','e',0 };
983 static const WCHAR SE_TCB_NAME_W[] =
984 { 'S','e','T','c','b','P','r','i','v','i','l','e','g','e',0 };
985 static const WCHAR SE_SECURITY_NAME_W[] =
986 { 'S','e','S','e','c','u','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
987 static const WCHAR SE_TAKE_OWNERSHIP_NAME_W[] =
988 { 'S','e','T','a','k','e','O','w','n','e','r','s','h','i','p','P','r','i','v','i','l','e','g','e',0 };
989 static const WCHAR SE_LOAD_DRIVER_NAME_W[] =
990 { 'S','e','L','o','a','d','D','r','i','v','e','r','P','r','i','v','i','l','e','g','e',0 };
991 static const WCHAR SE_SYSTEM_PROFILE_NAME_W[] =
992 { 'S','e','S','y','s','t','e','m','P','r','o','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
993 static const WCHAR SE_SYSTEMTIME_NAME_W[] =
994 { 'S','e','S','y','s','t','e','m','t','i','m','e','P','r','i','v','i','l','e','g','e',0 };
995 static const WCHAR SE_PROF_SINGLE_PROCESS_NAME_W[] =
996 { 'S','e','P','r','o','f','i','l','e','S','i','n','g','l','e','P','r','o','c','e','s','s','P','r','i','v','i','l','e','g','e',0 };
997 static const WCHAR SE_INC_BASE_PRIORITY_NAME_W[] =
998 { 'S','e','I','n','c','r','e','a','s','e','B','a','s','e','P','r','i','o','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
999 static const WCHAR SE_CREATE_PAGEFILE_NAME_W[] =
1000 { 'S','e','C','r','e','a','t','e','P','a','g','e','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
1001 static const WCHAR SE_CREATE_PERMANENT_NAME_W[] =
1002 { 'S','e','C','r','e','a','t','e','P','e','r','m','a','n','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1003 static const WCHAR SE_BACKUP_NAME_W[] =
1004 { 'S','e','B','a','c','k','u','p','P','r','i','v','i','l','e','g','e',0 };
1005 static const WCHAR SE_RESTORE_NAME_W[] =
1006 { 'S','e','R','e','s','t','o','r','e','P','r','i','v','i','l','e','g','e',0 };
1007 static const WCHAR SE_SHUTDOWN_NAME_W[] =
1008 { 'S','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
1009 static const WCHAR SE_DEBUG_NAME_W[] =
1010 { 'S','e','D','e','b','u','g','P','r','i','v','i','l','e','g','e',0 };
1011 static const WCHAR SE_AUDIT_NAME_W[] =
1012 { 'S','e','A','u','d','i','t','P','r','i','v','i','l','e','g','e',0 };
1013 static const WCHAR SE_SYSTEM_ENVIRONMENT_NAME_W[] =
1014 { 'S','e','S','y','s','t','e','m','E','n','v','i','r','o','n','m','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1015 static const WCHAR SE_CHANGE_NOTIFY_NAME_W[] =
1016 { 'S','e','C','h','a','n','g','e','N','o','t','i','f','y','P','r','i','v','i','l','e','g','e',0 };
1017 static const WCHAR SE_REMOTE_SHUTDOWN_NAME_W[] =
1018 { 'S','e','R','e','m','o','t','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
1019 static const WCHAR SE_UNDOCK_NAME_W[] =
1020 { 'S','e','U','n','d','o','c','k','P','r','i','v','i','l','e','g','e',0 };
1021 static const WCHAR SE_SYNC_AGENT_NAME_W[] =
1022 { 'S','e','S','y','n','c','A','g','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1023 static const WCHAR SE_ENABLE_DELEGATION_NAME_W[] =
1024 { 'S','e','E','n','a','b','l','e','D','e','l','e','g','a','t','i','o','n','P','r','i','v','i','l','e','g','e',0 };
1025 static const WCHAR SE_MANAGE_VOLUME_NAME_W[] =
1026 { 'S','e','M','a','n','a','g','e','V','o','l','u','m','e','P','r','i','v','i','l','e','g','e',0 };
1027 static const WCHAR SE_IMPERSONATE_NAME_W[] =
1028 { 'S','e','I','m','p','e','r','s','o','n','a','t','e','P','r','i','v','i','l','e','g','e',0 };
1029 static const WCHAR SE_CREATE_GLOBAL_NAME_W[] =
1030 { 'S','e','C','r','e','a','t','e','G','l','o','b','a','l','P','r','i','v','i','l','e','g','e',0 };
1032 static const WCHAR * const WellKnownPrivNames[SE_MAX_WELL_KNOWN_PRIVILEGE + 1] =
1034 NULL,
1035 NULL,
1036 SE_CREATE_TOKEN_NAME_W,
1037 SE_ASSIGNPRIMARYTOKEN_NAME_W,
1038 SE_LOCK_MEMORY_NAME_W,
1039 SE_INCREASE_QUOTA_NAME_W,
1040 SE_MACHINE_ACCOUNT_NAME_W,
1041 SE_TCB_NAME_W,
1042 SE_SECURITY_NAME_W,
1043 SE_TAKE_OWNERSHIP_NAME_W,
1044 SE_LOAD_DRIVER_NAME_W,
1045 SE_SYSTEM_PROFILE_NAME_W,
1046 SE_SYSTEMTIME_NAME_W,
1047 SE_PROF_SINGLE_PROCESS_NAME_W,
1048 SE_INC_BASE_PRIORITY_NAME_W,
1049 SE_CREATE_PAGEFILE_NAME_W,
1050 SE_CREATE_PERMANENT_NAME_W,
1051 SE_BACKUP_NAME_W,
1052 SE_RESTORE_NAME_W,
1053 SE_SHUTDOWN_NAME_W,
1054 SE_DEBUG_NAME_W,
1055 SE_AUDIT_NAME_W,
1056 SE_SYSTEM_ENVIRONMENT_NAME_W,
1057 SE_CHANGE_NOTIFY_NAME_W,
1058 SE_REMOTE_SHUTDOWN_NAME_W,
1059 SE_UNDOCK_NAME_W,
1060 SE_SYNC_AGENT_NAME_W,
1061 SE_ENABLE_DELEGATION_NAME_W,
1062 SE_MANAGE_VOLUME_NAME_W,
1063 SE_IMPERSONATE_NAME_W,
1064 SE_CREATE_GLOBAL_NAME_W,
1067 /******************************************************************************
1068 * LookupPrivilegeValueW [ADVAPI32.@]
1070 * See LookupPrivilegeValueA.
1072 BOOL WINAPI
1073 LookupPrivilegeValueW( LPCWSTR lpSystemName, LPCWSTR lpName, PLUID lpLuid )
1075 UINT i;
1077 TRACE("%s,%s,%p\n",debugstr_w(lpSystemName), debugstr_w(lpName), lpLuid);
1079 if (!ADVAPI_IsLocalComputer(lpSystemName))
1081 SetLastError(RPC_S_SERVER_UNAVAILABLE);
1082 return FALSE;
1084 if (!lpName)
1086 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1087 return FALSE;
1089 for( i=SE_MIN_WELL_KNOWN_PRIVILEGE; i<SE_MAX_WELL_KNOWN_PRIVILEGE; i++ )
1091 if( !WellKnownPrivNames[i] )
1092 continue;
1093 if( strcmpiW( WellKnownPrivNames[i], lpName) )
1094 continue;
1095 lpLuid->LowPart = i;
1096 lpLuid->HighPart = 0;
1097 TRACE( "%s -> %08lx-%08lx\n",debugstr_w( lpSystemName ),
1098 lpLuid->HighPart, lpLuid->LowPart );
1099 return TRUE;
1101 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1102 return FALSE;
1105 /******************************************************************************
1106 * LookupPrivilegeValueA [ADVAPI32.@]
1108 * Retrieves LUID used on a system to represent the privilege name.
1110 * PARAMS
1111 * lpSystemName [I] Name of the system
1112 * lpName [I] Name of the privilege
1113 * lpLuid [O] Destination for the resulting LUID
1115 * RETURNS
1116 * Success: TRUE. lpLuid contains the requested LUID.
1117 * Failure: FALSE.
1119 BOOL WINAPI
1120 LookupPrivilegeValueA( LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid )
1122 UNICODE_STRING lpSystemNameW;
1123 UNICODE_STRING lpNameW;
1124 BOOL ret;
1126 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
1127 RtlCreateUnicodeStringFromAsciiz(&lpNameW,lpName);
1128 ret = LookupPrivilegeValueW(lpSystemNameW.Buffer, lpNameW.Buffer, lpLuid);
1129 RtlFreeUnicodeString(&lpNameW);
1130 RtlFreeUnicodeString(&lpSystemNameW);
1131 return ret;
1134 BOOL WINAPI LookupPrivilegeDisplayNameA( LPCSTR lpSystemName, LPCSTR lpName, LPSTR lpDisplayName,
1135 LPDWORD cchDisplayName, LPDWORD lpLanguageId )
1137 FIXME("%s %s %s %p %p - stub\n", debugstr_a(lpSystemName), debugstr_a(lpName),
1138 debugstr_a(lpDisplayName), cchDisplayName, lpLanguageId);
1140 return FALSE;
1143 BOOL WINAPI LookupPrivilegeDisplayNameW( LPCWSTR lpSystemName, LPCWSTR lpName, LPWSTR lpDisplayName,
1144 LPDWORD cchDisplayName, LPDWORD lpLanguageId )
1146 FIXME("%s %s %s %p %p - stub\n", debugstr_w(lpSystemName), debugstr_w(lpName),
1147 debugstr_w(lpDisplayName), cchDisplayName, lpLanguageId);
1149 return FALSE;
1152 /******************************************************************************
1153 * LookupPrivilegeNameA [ADVAPI32.@]
1155 * See LookupPrivilegeNameW
1157 BOOL WINAPI
1158 LookupPrivilegeNameA( LPCSTR lpSystemName, PLUID lpLuid, LPSTR lpName,
1159 LPDWORD cchName)
1161 UNICODE_STRING lpSystemNameW;
1162 BOOL ret;
1163 DWORD wLen = 0;
1165 TRACE("%s %p %p %p\n", debugstr_a(lpSystemName), lpLuid, lpName, cchName);
1167 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
1168 ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, NULL, &wLen);
1169 if (!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
1171 LPWSTR lpNameW = HeapAlloc(GetProcessHeap(), 0, wLen * sizeof(WCHAR));
1173 ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, lpNameW,
1174 &wLen);
1175 if (ret)
1177 /* Windows crashes if cchName is NULL, so will I */
1178 int len = WideCharToMultiByte(CP_ACP, 0, lpNameW, -1, lpName,
1179 *cchName, NULL, NULL);
1181 if (len == 0)
1183 /* WideCharToMultiByte failed */
1184 ret = FALSE;
1186 else if (len > *cchName)
1188 *cchName = len;
1189 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1190 ret = FALSE;
1192 else
1194 /* WideCharToMultiByte succeeded, output length needs to be
1195 * length not including NULL terminator
1197 *cchName = len - 1;
1200 HeapFree(GetProcessHeap(), 0, lpNameW);
1202 RtlFreeUnicodeString(&lpSystemNameW);
1203 return ret;
1206 /******************************************************************************
1207 * LookupPrivilegeNameW [ADVAPI32.@]
1209 * Retrieves the privilege name referred to by the LUID lpLuid.
1211 * PARAMS
1212 * lpSystemName [I] Name of the system
1213 * lpLuid [I] Privilege value
1214 * lpName [O] Name of the privilege
1215 * cchName [I/O] Number of characters in lpName.
1217 * RETURNS
1218 * Success: TRUE. lpName contains the name of the privilege whose value is
1219 * *lpLuid.
1220 * Failure: FALSE.
1222 * REMARKS
1223 * Only well-known privilege names (those defined in winnt.h) can be retrieved
1224 * using this function.
1225 * If the length of lpName is too small, on return *cchName will contain the
1226 * number of WCHARs needed to contain the privilege, including the NULL
1227 * terminator, and GetLastError will return ERROR_INSUFFICIENT_BUFFER.
1228 * On success, *cchName will contain the number of characters stored in
1229 * lpName, NOT including the NULL terminator.
1231 BOOL WINAPI
1232 LookupPrivilegeNameW( LPCWSTR lpSystemName, PLUID lpLuid, LPWSTR lpName,
1233 LPDWORD cchName)
1235 size_t privNameLen;
1237 TRACE("%s,%p,%p,%p\n",debugstr_w(lpSystemName), lpLuid, lpName, cchName);
1239 if (!ADVAPI_IsLocalComputer(lpSystemName))
1241 SetLastError(RPC_S_SERVER_UNAVAILABLE);
1242 return FALSE;
1244 if (lpLuid->HighPart || (lpLuid->LowPart < SE_MIN_WELL_KNOWN_PRIVILEGE ||
1245 lpLuid->LowPart > SE_MAX_WELL_KNOWN_PRIVILEGE))
1247 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1248 return FALSE;
1250 privNameLen = strlenW(WellKnownPrivNames[lpLuid->LowPart]);
1251 /* Windows crashes if cchName is NULL, so will I */
1252 if (*cchName <= privNameLen)
1254 *cchName = privNameLen + 1;
1255 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1256 return FALSE;
1258 else
1260 strcpyW(lpName, WellKnownPrivNames[lpLuid->LowPart]);
1261 *cchName = privNameLen;
1262 return TRUE;
1266 /******************************************************************************
1267 * GetFileSecurityA [ADVAPI32.@]
1269 * Obtains Specified information about the security of a file or directory.
1271 * PARAMS
1272 * lpFileName [I] Name of the file to get info for
1273 * RequestedInformation [I] SE_ flags from "winnt.h"
1274 * pSecurityDescriptor [O] Destination for security information
1275 * nLength [I] Length of pSecurityDescriptor
1276 * lpnLengthNeeded [O] Destination for length of returned security information
1278 * RETURNS
1279 * Success: TRUE. pSecurityDescriptor contains the requested information.
1280 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
1282 * NOTES
1283 * The information returned is constrained by the callers access rights and
1284 * privileges.
1286 BOOL WINAPI
1287 GetFileSecurityA( LPCSTR lpFileName,
1288 SECURITY_INFORMATION RequestedInformation,
1289 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1290 DWORD nLength, LPDWORD lpnLengthNeeded )
1292 DWORD len;
1293 BOOL r;
1294 LPWSTR name = NULL;
1296 if( lpFileName )
1298 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
1299 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
1300 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
1303 r = GetFileSecurityW( name, RequestedInformation, pSecurityDescriptor,
1304 nLength, lpnLengthNeeded );
1305 HeapFree( GetProcessHeap(), 0, name );
1307 return r;
1310 /******************************************************************************
1311 * GetFileSecurityW [ADVAPI32.@]
1313 * See GetFileSecurityA.
1315 BOOL WINAPI
1316 GetFileSecurityW( LPCWSTR lpFileName,
1317 SECURITY_INFORMATION RequestedInformation,
1318 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1319 DWORD nLength, LPDWORD lpnLengthNeeded )
1321 DWORD nNeeded;
1322 LPBYTE pBuffer;
1323 DWORD iLocNow;
1324 SECURITY_DESCRIPTOR_RELATIVE *pSDRelative;
1326 if(INVALID_FILE_ATTRIBUTES == GetFileAttributesW(lpFileName))
1327 return FALSE;
1329 FIXME("(%s) : returns fake SECURITY_DESCRIPTOR\n", debugstr_w(lpFileName) );
1331 nNeeded = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
1332 if (RequestedInformation & OWNER_SECURITY_INFORMATION)
1333 nNeeded += sizeof(sidWorld);
1334 if (RequestedInformation & GROUP_SECURITY_INFORMATION)
1335 nNeeded += sizeof(sidWorld);
1336 if (RequestedInformation & DACL_SECURITY_INFORMATION)
1337 nNeeded += WINE_SIZE_OF_WORLD_ACCESS_ACL;
1338 if (RequestedInformation & SACL_SECURITY_INFORMATION)
1339 nNeeded += WINE_SIZE_OF_WORLD_ACCESS_ACL;
1341 *lpnLengthNeeded = nNeeded;
1343 if (nNeeded > nLength)
1344 return TRUE;
1346 if (!InitializeSecurityDescriptor(pSecurityDescriptor, SECURITY_DESCRIPTOR_REVISION))
1347 return FALSE;
1349 pSDRelative = (PISECURITY_DESCRIPTOR_RELATIVE) pSecurityDescriptor;
1350 pSDRelative->Control |= SE_SELF_RELATIVE;
1351 pBuffer = (LPBYTE) pSDRelative;
1352 iLocNow = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
1354 if (RequestedInformation & OWNER_SECURITY_INFORMATION)
1356 memcpy(pBuffer + iLocNow, &sidWorld, sizeof(sidWorld));
1357 pSDRelative->Owner = iLocNow;
1358 iLocNow += sizeof(sidWorld);
1360 if (RequestedInformation & GROUP_SECURITY_INFORMATION)
1362 memcpy(pBuffer + iLocNow, &sidWorld, sizeof(sidWorld));
1363 pSDRelative->Group = iLocNow;
1364 iLocNow += sizeof(sidWorld);
1366 if (RequestedInformation & DACL_SECURITY_INFORMATION)
1368 GetWorldAccessACL((PACL) (pBuffer + iLocNow));
1369 pSDRelative->Dacl = iLocNow;
1370 iLocNow += WINE_SIZE_OF_WORLD_ACCESS_ACL;
1372 if (RequestedInformation & SACL_SECURITY_INFORMATION)
1374 GetWorldAccessACL((PACL) (pBuffer + iLocNow));
1375 pSDRelative->Sacl = iLocNow;
1376 /* iLocNow += WINE_SIZE_OF_WORLD_ACCESS_ACL; */
1378 return TRUE;
1382 /******************************************************************************
1383 * LookupAccountSidA [ADVAPI32.@]
1385 BOOL WINAPI
1386 LookupAccountSidA(
1387 IN LPCSTR system,
1388 IN PSID sid,
1389 OUT LPSTR account,
1390 IN OUT LPDWORD accountSize,
1391 OUT LPSTR domain,
1392 IN OUT LPDWORD domainSize,
1393 OUT PSID_NAME_USE name_use )
1395 static const char ac[] = "Administrator";
1396 static const char dm[] = "DOMAIN";
1397 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
1398 debugstr_a(system),sid,
1399 account,accountSize,accountSize?*accountSize:0,
1400 domain,domainSize,domainSize?*domainSize:0,
1401 name_use);
1403 if (accountSize) *accountSize = strlen(ac)+1;
1404 if (account && (*accountSize > strlen(ac)))
1405 strcpy(account, ac);
1407 if (domainSize) *domainSize = strlen(dm)+1;
1408 if (domain && (*domainSize > strlen(dm)))
1409 strcpy(domain,dm);
1411 if (name_use) *name_use = SidTypeUser;
1412 return TRUE;
1415 /******************************************************************************
1416 * LookupAccountSidW [ADVAPI32.@]
1418 * PARAMS
1419 * system []
1420 * sid []
1421 * account []
1422 * accountSize []
1423 * domain []
1424 * domainSize []
1425 * name_use []
1427 BOOL WINAPI
1428 LookupAccountSidW(
1429 IN LPCWSTR system,
1430 IN PSID sid,
1431 OUT LPWSTR account,
1432 IN OUT LPDWORD accountSize,
1433 OUT LPWSTR domain,
1434 IN OUT LPDWORD domainSize,
1435 OUT PSID_NAME_USE name_use )
1437 static const WCHAR ac[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0};
1438 static const WCHAR dm[] = {'D','O','M','A','I','N',0};
1439 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
1440 debugstr_w(system),sid,
1441 account,accountSize,accountSize?*accountSize:0,
1442 domain,domainSize,domainSize?*domainSize:0,
1443 name_use);
1445 if (accountSize) *accountSize = strlenW(ac)+1;
1446 if (account && (*accountSize > strlenW(ac)))
1447 strcpyW(account, ac);
1449 if (domainSize) *domainSize = strlenW(dm)+1;
1450 if (domain && (*domainSize > strlenW(dm)))
1451 strcpyW(domain,dm);
1453 if (name_use) *name_use = SidTypeUser;
1454 return TRUE;
1457 /******************************************************************************
1458 * SetFileSecurityA [ADVAPI32.@]
1459 * Sets the security of a file or directory
1461 BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
1462 SECURITY_INFORMATION RequestedInformation,
1463 PSECURITY_DESCRIPTOR pSecurityDescriptor)
1465 DWORD len;
1466 BOOL r;
1467 LPWSTR name = NULL;
1469 if( lpFileName )
1471 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
1472 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
1473 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
1476 r = SetFileSecurityW( name, RequestedInformation, pSecurityDescriptor );
1477 HeapFree( GetProcessHeap(), 0, name );
1479 return r;
1482 /******************************************************************************
1483 * SetFileSecurityW [ADVAPI32.@]
1484 * Sets the security of a file or directory
1486 * PARAMS
1487 * lpFileName []
1488 * RequestedInformation []
1489 * pSecurityDescriptor []
1491 BOOL WINAPI
1492 SetFileSecurityW( LPCWSTR lpFileName,
1493 SECURITY_INFORMATION RequestedInformation,
1494 PSECURITY_DESCRIPTOR pSecurityDescriptor )
1496 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
1497 return TRUE;
1500 /******************************************************************************
1501 * QueryWindows31FilesMigration [ADVAPI32.@]
1503 * PARAMS
1504 * x1 []
1506 BOOL WINAPI
1507 QueryWindows31FilesMigration( DWORD x1 )
1509 FIXME("(%ld):stub\n",x1);
1510 return TRUE;
1513 /******************************************************************************
1514 * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
1516 * PARAMS
1517 * x1 []
1518 * x2 []
1519 * x3 []
1520 * x4 []
1522 BOOL WINAPI
1523 SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
1524 DWORD x4 )
1526 FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1,x2,x3,x4);
1527 return TRUE;
1530 NTSTATUS WINAPI
1531 LsaEnumerateTrustedDomains(
1532 LSA_HANDLE PolicyHandle,
1533 PLSA_ENUMERATION_HANDLE EnumerationContext,
1534 PVOID* Buffer,
1535 ULONG PreferedMaximumLength,
1536 PULONG CountReturned)
1538 FIXME("(%p,%p,%p,0x%08lx,%p):stub\n", PolicyHandle, EnumerationContext,
1539 Buffer, PreferedMaximumLength, CountReturned);
1541 if (CountReturned) *CountReturned = 0;
1542 return STATUS_SUCCESS;
1545 NTSTATUS WINAPI
1546 LsaLookupNames(
1547 LSA_HANDLE PolicyHandle,
1548 ULONG Count,
1549 PLSA_UNICODE_STRING Names,
1550 PLSA_REFERENCED_DOMAIN_LIST* ReferencedDomains,
1551 PLSA_TRANSLATED_SID* Sids)
1553 FIXME("(%p,0x%08lx,%p,%p,%p):stub\n", PolicyHandle, Count, Names,
1554 ReferencedDomains, Sids);
1556 return STATUS_NONE_MAPPED;
1559 /******************************************************************************
1560 * LsaOpenPolicy [ADVAPI32.@]
1562 * PARAMS
1563 * SystemName [I]
1564 * ObjectAttributes [I]
1565 * DesiredAccess [I]
1566 * PolicyHandle [I/O]
1568 NTSTATUS WINAPI
1569 LsaOpenPolicy(
1570 IN PLSA_UNICODE_STRING SystemName,
1571 IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes,
1572 IN ACCESS_MASK DesiredAccess,
1573 IN OUT PLSA_HANDLE PolicyHandle)
1575 FIXME("(%s,%p,0x%08lx,%p):stub\n",
1576 SystemName?debugstr_w(SystemName->Buffer):"null",
1577 ObjectAttributes, DesiredAccess, PolicyHandle);
1578 ADVAPI_ForceLocalComputer(SystemName ? SystemName->Buffer : NULL,
1579 STATUS_ACCESS_VIOLATION);
1580 dumpLsaAttributes(ObjectAttributes);
1581 if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
1582 return STATUS_SUCCESS;
1585 /******************************************************************************
1586 * LsaQueryInformationPolicy [ADVAPI32.@]
1588 NTSTATUS WINAPI
1589 LsaQueryInformationPolicy(
1590 IN LSA_HANDLE PolicyHandle,
1591 IN POLICY_INFORMATION_CLASS InformationClass,
1592 OUT PVOID *Buffer)
1594 FIXME("(%p,0x%08x,%p):stub\n",
1595 PolicyHandle, InformationClass, Buffer);
1597 if(!Buffer) return FALSE;
1598 switch (InformationClass)
1600 case PolicyAuditEventsInformation: /* 2 */
1602 PPOLICY_AUDIT_EVENTS_INFO p = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(POLICY_AUDIT_EVENTS_INFO));
1603 p->AuditingMode = FALSE; /* no auditing */
1604 *Buffer = p;
1606 break;
1607 case PolicyPrimaryDomainInformation: /* 3 */
1608 case PolicyAccountDomainInformation: /* 5 */
1610 struct di
1611 { POLICY_PRIMARY_DOMAIN_INFO ppdi;
1612 SID sid;
1614 SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
1616 struct di * xdi = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(xdi));
1617 HKEY key;
1618 BOOL useDefault = TRUE;
1619 LONG ret;
1621 if ((ret = RegOpenKeyExA(HKEY_LOCAL_MACHINE,
1622 "System\\CurrentControlSet\\Services\\VxD\\VNETSUP", 0,
1623 KEY_READ, &key)) == ERROR_SUCCESS)
1625 DWORD size = 0;
1626 static const WCHAR wg[] = { 'W','o','r','k','g','r','o','u','p',0 };
1628 ret = RegQueryValueExW(key, wg, NULL, NULL, NULL, &size);
1629 if (ret == ERROR_MORE_DATA || ret == ERROR_SUCCESS)
1631 xdi->ppdi.Name.Buffer = HeapAlloc(GetProcessHeap(),
1632 HEAP_ZERO_MEMORY, size);
1633 if ((ret = RegQueryValueExW(key, wg, NULL, NULL,
1634 (LPBYTE)xdi->ppdi.Name.Buffer, &size)) == ERROR_SUCCESS)
1636 xdi->ppdi.Name.Length = (USHORT)size;
1637 useDefault = FALSE;
1639 else
1641 HeapFree(GetProcessHeap(), 0, xdi->ppdi.Name.Buffer);
1642 xdi->ppdi.Name.Buffer = NULL;
1645 RegCloseKey(key);
1647 if (useDefault)
1648 RtlCreateUnicodeStringFromAsciiz(&(xdi->ppdi.Name), "DOMAIN");
1649 TRACE("setting domain to %s\n", debugstr_w(xdi->ppdi.Name.Buffer));
1651 xdi->ppdi.Sid = &(xdi->sid);
1652 xdi->sid.Revision = SID_REVISION;
1653 xdi->sid.SubAuthorityCount = 1;
1654 xdi->sid.IdentifierAuthority = localSidAuthority;
1655 xdi->sid.SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
1656 *Buffer = xdi;
1658 break;
1659 case PolicyAuditLogInformation:
1660 case PolicyPdAccountInformation:
1661 case PolicyLsaServerRoleInformation:
1662 case PolicyReplicaSourceInformation:
1663 case PolicyDefaultQuotaInformation:
1664 case PolicyModificationInformation:
1665 case PolicyAuditFullSetInformation:
1666 case PolicyAuditFullQueryInformation:
1667 case PolicyDnsDomainInformation:
1669 FIXME("category not implemented\n");
1670 return FALSE;
1673 return TRUE;
1676 /******************************************************************************
1677 * LsaSetInformationPolicy [ADVAPI32.@]
1679 NTSTATUS WINAPI
1680 LsaSetInformationPolicy(
1681 LSA_HANDLE PolicyHandle,
1682 POLICY_INFORMATION_CLASS InformationClass,
1683 PVOID Buffer)
1685 FIXME("(%p,0x%08x,%p):stub\n", PolicyHandle, InformationClass, Buffer);
1687 return STATUS_UNSUCCESSFUL;
1690 /******************************************************************************
1691 * LsaLookupSids [ADVAPI32.@]
1693 NTSTATUS WINAPI
1694 LsaLookupSids(
1695 IN LSA_HANDLE PolicyHandle,
1696 IN ULONG Count,
1697 IN PSID *Sids,
1698 OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
1699 OUT PLSA_TRANSLATED_NAME *Names )
1701 FIXME("%p %lu %p %p %p\n",
1702 PolicyHandle, Count, Sids, ReferencedDomains, Names);
1703 return FALSE;
1706 /******************************************************************************
1707 * LsaFreeMemory [ADVAPI32.@]
1709 NTSTATUS WINAPI
1710 LsaFreeMemory(IN PVOID Buffer)
1712 TRACE("(%p)\n",Buffer);
1713 return HeapFree(GetProcessHeap(), 0, Buffer);
1715 /******************************************************************************
1716 * LsaClose [ADVAPI32.@]
1718 NTSTATUS WINAPI
1719 LsaClose(IN LSA_HANDLE ObjectHandle)
1721 FIXME("(%p):stub\n",ObjectHandle);
1722 return 0xc0000000;
1725 /******************************************************************************
1726 * LsaStorePrivateData [ADVAPI32.@]
1728 NTSTATUS WINAPI LsaStorePrivateData( LSA_HANDLE PolicyHandle,
1729 PLSA_UNICODE_STRING KeyName, PLSA_UNICODE_STRING PrivateData)
1731 FIXME("%p %p %p\n", PolicyHandle, KeyName, PrivateData);
1732 return STATUS_OBJECT_NAME_NOT_FOUND;
1735 /******************************************************************************
1736 * LsaRetrievePrivateData [ADVAPI32.@]
1738 NTSTATUS WINAPI LsaRetrievePrivateData( LSA_HANDLE PolicyHandle,
1739 PLSA_UNICODE_STRING KeyName, PLSA_UNICODE_STRING* PrivateData)
1741 FIXME("%p %p %p\n", PolicyHandle, KeyName, PrivateData);
1742 return STATUS_OBJECT_NAME_NOT_FOUND;
1745 /******************************************************************************
1746 * LsaNtStatusToWinError [ADVAPI32.@]
1748 * PARAMS
1749 * Status [I]
1751 ULONG WINAPI
1752 LsaNtStatusToWinError(NTSTATUS Status)
1754 return RtlNtStatusToDosError(Status);
1757 /******************************************************************************
1758 * NotifyBootConfigStatus [ADVAPI32.@]
1760 * PARAMS
1761 * x1 []
1763 BOOL WINAPI
1764 NotifyBootConfigStatus( DWORD x1 )
1766 FIXME("(0x%08lx):stub\n",x1);
1767 return 1;
1770 /******************************************************************************
1771 * RevertToSelf [ADVAPI32.@]
1773 * PARAMS
1774 * void []
1776 BOOL WINAPI
1777 RevertToSelf( void )
1779 FIXME("(), stub\n");
1780 return TRUE;
1783 /******************************************************************************
1784 * ImpersonateSelf [ADVAPI32.@]
1786 BOOL WINAPI
1787 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
1789 return RtlImpersonateSelf(ImpersonationLevel);
1792 /******************************************************************************
1793 * ImpersonateLoggedOnUser [ADVAPI32.@]
1795 BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
1797 FIXME("(%p):stub returning FALSE\n", hToken);
1798 return FALSE;
1801 /******************************************************************************
1802 * AccessCheck [ADVAPI32.@]
1804 BOOL WINAPI
1805 AccessCheck(
1806 PSECURITY_DESCRIPTOR SecurityDescriptor,
1807 HANDLE ClientToken,
1808 DWORD DesiredAccess,
1809 PGENERIC_MAPPING GenericMapping,
1810 PPRIVILEGE_SET PrivilegeSet,
1811 LPDWORD PrivilegeSetLength,
1812 LPDWORD GrantedAccess,
1813 LPBOOL AccessStatus)
1815 NTSTATUS access_status;
1816 BOOL ret = set_ntstatus( NtAccessCheck(SecurityDescriptor, ClientToken, DesiredAccess,
1817 GenericMapping, PrivilegeSet, PrivilegeSetLength,
1818 GrantedAccess, &access_status) );
1819 if (ret) *AccessStatus = set_ntstatus( access_status );
1820 return ret;
1824 /******************************************************************************
1825 * AccessCheckByType [ADVAPI32.@]
1827 BOOL WINAPI AccessCheckByType(
1828 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1829 PSID PrincipalSelfSid,
1830 HANDLE ClientToken,
1831 DWORD DesiredAccess,
1832 POBJECT_TYPE_LIST ObjectTypeList,
1833 DWORD ObjectTypeListLength,
1834 PGENERIC_MAPPING GenericMapping,
1835 PPRIVILEGE_SET PrivilegeSet,
1836 LPDWORD PrivilegeSetLength,
1837 LPDWORD GrantedAccess,
1838 LPBOOL AccessStatus)
1840 FIXME("stub\n");
1842 *AccessStatus = TRUE;
1844 return !*AccessStatus;
1847 VOID WINAPI MapGenericMask( PDWORD AccessMask, PGENERIC_MAPPING GenericMapping )
1849 FIXME("%p %p - stub\n", AccessMask, GenericMapping);
1851 *AccessMask |= GenericMapping->GenericRead;
1852 *AccessMask |= GenericMapping->GenericWrite;
1853 *AccessMask |= GenericMapping->GenericExecute;
1854 *AccessMask |= GenericMapping->GenericAll;
1857 /*************************************************************************
1858 * SetKernelObjectSecurity [ADVAPI32.@]
1860 BOOL WINAPI SetKernelObjectSecurity (
1861 IN HANDLE Handle,
1862 IN SECURITY_INFORMATION SecurityInformation,
1863 IN PSECURITY_DESCRIPTOR SecurityDescriptor )
1865 return set_ntstatus (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
1869 /******************************************************************************
1870 * AddAuditAccessAce [ADVAPI32.@]
1872 BOOL WINAPI AddAuditAccessAce(
1873 IN OUT PACL pAcl,
1874 IN DWORD dwAceRevision,
1875 IN DWORD dwAccessMask,
1876 IN PSID pSid,
1877 IN BOOL bAuditSuccess,
1878 IN BOOL bAuditFailure)
1880 FIXME("Stub\n");
1881 return TRUE;
1884 /******************************************************************************
1885 * LookupAccountNameA [ADVAPI32.@]
1887 BOOL WINAPI
1888 LookupAccountNameA(
1889 IN LPCSTR system,
1890 IN LPCSTR account,
1891 OUT PSID sid,
1892 OUT LPDWORD cbSid,
1893 LPSTR ReferencedDomainName,
1894 IN OUT LPDWORD cbReferencedDomainName,
1895 OUT PSID_NAME_USE name_use )
1897 /* Default implementation: Always return a default SID */
1898 SID_IDENTIFIER_AUTHORITY identifierAuthority = {SECURITY_NT_AUTHORITY};
1899 BOOL ret;
1900 PSID pSid;
1901 static const char dm[] = "DOMAIN";
1903 FIXME("(%s,%s,%p,%p,%p,%p,%p), stub.\n",system,account,sid,cbSid,ReferencedDomainName,cbReferencedDomainName,name_use);
1905 ret = AllocateAndInitializeSid(&identifierAuthority,
1907 SECURITY_BUILTIN_DOMAIN_RID,
1908 DOMAIN_ALIAS_RID_ADMINS,
1909 0, 0, 0, 0, 0, 0,
1910 &pSid);
1912 if (!ret)
1913 return FALSE;
1914 if(!RtlValidSid(pSid))
1916 FreeSid(pSid);
1917 return FALSE;
1920 if (sid != NULL && (*cbSid >= GetLengthSid(pSid)))
1921 CopySid(*cbSid, sid, pSid);
1922 if (*cbSid < GetLengthSid(pSid))
1924 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1925 ret = FALSE;
1927 *cbSid = GetLengthSid(pSid);
1929 if (ReferencedDomainName != NULL && (*cbReferencedDomainName > strlen(dm)))
1930 strcpy(ReferencedDomainName, dm);
1931 if (*cbReferencedDomainName <= strlen(dm))
1933 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1934 ret = FALSE;
1936 *cbReferencedDomainName = strlen(dm)+1;
1938 FreeSid(pSid);
1940 return ret;
1943 /******************************************************************************
1944 * LookupAccountNameW [ADVAPI32.@]
1946 BOOL WINAPI LookupAccountNameW( LPCWSTR lpSystemName, LPCWSTR lpAccountName, PSID Sid,
1947 LPDWORD cbSid, LPWSTR ReferencedDomainName,
1948 LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse )
1950 FIXME("%s %s %p %p %p %p %p - stub\n", debugstr_w(lpSystemName), debugstr_w(lpAccountName),
1951 Sid, cbSid, ReferencedDomainName, cchReferencedDomainName, peUse);
1953 return FALSE;
1956 /******************************************************************************
1957 * PrivilegeCheck [ADVAPI32.@]
1959 BOOL WINAPI PrivilegeCheck( HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
1961 BOOL ret;
1962 BOOLEAN Result;
1964 TRACE("%p %p %p\n", ClientToken, RequiredPrivileges, pfResult);
1966 ret = set_ntstatus (NtPrivilegeCheck (ClientToken, RequiredPrivileges, &Result));
1967 if (ret)
1968 *pfResult = Result;
1969 return ret;
1972 /******************************************************************************
1973 * AccessCheckAndAuditAlarmA [ADVAPI32.@]
1975 BOOL WINAPI AccessCheckAndAuditAlarmA(LPCSTR Subsystem, LPVOID HandleId, LPSTR ObjectTypeName,
1976 LPSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess,
1977 PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess,
1978 LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
1980 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_a(Subsystem),
1981 HandleId, debugstr_a(ObjectTypeName), debugstr_a(ObjectName),
1982 SecurityDescriptor, DesiredAccess, GenericMapping,
1983 ObjectCreation, GrantedAccess, AccessStatus, pfGenerateOnClose);
1984 return TRUE;
1987 /******************************************************************************
1988 * AccessCheckAndAuditAlarmW [ADVAPI32.@]
1990 BOOL WINAPI AccessCheckAndAuditAlarmW(LPCWSTR Subsystem, LPVOID HandleId, LPWSTR ObjectTypeName,
1991 LPWSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess,
1992 PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess,
1993 LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
1995 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_w(Subsystem),
1996 HandleId, debugstr_w(ObjectTypeName), debugstr_w(ObjectName),
1997 SecurityDescriptor, DesiredAccess, GenericMapping,
1998 ObjectCreation, GrantedAccess, AccessStatus, pfGenerateOnClose);
1999 return TRUE;
2002 BOOL WINAPI ObjectCloseAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
2004 FIXME("stub (%s,%p,%x)\n", debugstr_a(SubsystemName), HandleId, GenerateOnClose);
2006 return TRUE;
2009 BOOL WINAPI ObjectCloseAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
2011 FIXME("stub (%s,%p,%x)\n", debugstr_w(SubsystemName), HandleId, GenerateOnClose);
2013 return TRUE;
2016 BOOL WINAPI ObjectOpenAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, LPSTR ObjectTypeName,
2017 LPSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess,
2018 DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted,
2019 LPBOOL GenerateOnClose)
2021 FIXME("stub (%s,%p,%s,%s,%p,%p,0x%08lx,0x%08lx,%p,%x,%x,%p)\n", debugstr_a(SubsystemName),
2022 HandleId, debugstr_a(ObjectTypeName), debugstr_a(ObjectName), pSecurityDescriptor,
2023 ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted,
2024 GenerateOnClose);
2026 return TRUE;
2029 BOOL WINAPI ObjectOpenAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, LPWSTR ObjectTypeName,
2030 LPWSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess,
2031 DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted,
2032 LPBOOL GenerateOnClose)
2034 FIXME("stub (%s,%p,%s,%s,%p,%p,0x%08lx,0x%08lx,%p,%x,%x,%p)\n", debugstr_w(SubsystemName),
2035 HandleId, debugstr_w(ObjectTypeName), debugstr_w(ObjectName), pSecurityDescriptor,
2036 ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted,
2037 GenerateOnClose);
2039 return TRUE;
2042 BOOL WINAPI ObjectPrivilegeAuditAlarmA( LPCSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken,
2043 DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2045 FIXME("stub (%s,%p,%p,0x%08lx,%p,%x)\n", debugstr_a(SubsystemName), HandleId, ClientToken,
2046 DesiredAccess, Privileges, AccessGranted);
2048 return TRUE;
2051 BOOL WINAPI ObjectPrivilegeAuditAlarmW( LPCWSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken,
2052 DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2054 FIXME("stub (%s,%p,%p,0x%08lx,%p,%x)\n", debugstr_w(SubsystemName), HandleId, ClientToken,
2055 DesiredAccess, Privileges, AccessGranted);
2057 return TRUE;
2060 BOOL WINAPI PrivilegedServiceAuditAlarmA( LPCSTR SubsystemName, LPCSTR ServiceName, HANDLE ClientToken,
2061 PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2063 FIXME("stub (%s,%s,%p,%p,%x)\n", debugstr_a(SubsystemName), debugstr_a(ServiceName),
2064 ClientToken, Privileges, AccessGranted);
2066 return TRUE;
2069 BOOL WINAPI PrivilegedServiceAuditAlarmW( LPCWSTR SubsystemName, LPCWSTR ServiceName, HANDLE ClientToken,
2070 PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2072 FIXME("stub %s,%s,%p,%p,%x)\n", debugstr_w(SubsystemName), debugstr_w(ServiceName),
2073 ClientToken, Privileges, AccessGranted);
2075 return TRUE;
2078 /******************************************************************************
2079 * GetSecurityInfo [ADVAPI32.@]
2081 DWORD WINAPI GetSecurityInfo(
2082 HANDLE hObject, SE_OBJECT_TYPE ObjectType,
2083 SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner,
2084 PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl,
2085 PSECURITY_DESCRIPTOR *ppSecurityDescriptor
2088 FIXME("stub!\n");
2089 return ERROR_BAD_PROVIDER;
2092 /******************************************************************************
2093 * GetSecurityInfoExW [ADVAPI32.@]
2095 DWORD WINAPI GetSecurityInfoExW(
2096 HANDLE hObject, SE_OBJECT_TYPE ObjectType,
2097 SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider,
2098 LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList,
2099 PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup
2102 FIXME("stub!\n");
2103 return ERROR_BAD_PROVIDER;
2106 /******************************************************************************
2107 * BuildExplicitAccessWithNameA [ADVAPI32.@]
2109 VOID WINAPI BuildExplicitAccessWithNameA( PEXPLICIT_ACCESSA pExplicitAccess,
2110 LPSTR pTrusteeName, DWORD AccessPermissions,
2111 ACCESS_MODE AccessMode, DWORD Inheritance )
2113 TRACE("%p %s 0x%08lx 0x%08x 0x%08lx\n", pExplicitAccess, debugstr_a(pTrusteeName),
2114 AccessPermissions, AccessMode, Inheritance);
2116 pExplicitAccess->grfAccessPermissions = AccessPermissions;
2117 pExplicitAccess->grfAccessMode = AccessMode;
2118 pExplicitAccess->grfInheritance = Inheritance;
2120 pExplicitAccess->Trustee.pMultipleTrustee = NULL;
2121 pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2122 pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
2123 pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
2124 pExplicitAccess->Trustee.ptstrName = pTrusteeName;
2127 /******************************************************************************
2128 * BuildExplicitAccessWithNameW [ADVAPI32.@]
2130 VOID WINAPI BuildExplicitAccessWithNameW( PEXPLICIT_ACCESSW pExplicitAccess,
2131 LPWSTR pTrusteeName, DWORD AccessPermissions,
2132 ACCESS_MODE AccessMode, DWORD Inheritance )
2134 TRACE("%p %s 0x%08lx 0x%08x 0x%08lx\n", pExplicitAccess, debugstr_w(pTrusteeName),
2135 AccessPermissions, AccessMode, Inheritance);
2137 pExplicitAccess->grfAccessPermissions = AccessPermissions;
2138 pExplicitAccess->grfAccessMode = AccessMode;
2139 pExplicitAccess->grfInheritance = Inheritance;
2141 pExplicitAccess->Trustee.pMultipleTrustee = NULL;
2142 pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2143 pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
2144 pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
2145 pExplicitAccess->Trustee.ptstrName = pTrusteeName;
2148 /******************************************************************************
2149 * BuildTrusteeWithObjectsAndNameA [ADVAPI32.@]
2151 VOID WINAPI BuildTrusteeWithObjectsAndNameA( PTRUSTEEA pTrustee, POBJECTS_AND_NAME_A pObjName,
2152 SE_OBJECT_TYPE ObjectType, LPSTR ObjectTypeName,
2153 LPSTR InheritedObjectTypeName, LPSTR Name )
2155 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2156 ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_a(Name));
2158 pTrustee->pMultipleTrustee = NULL;
2159 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2160 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2161 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2162 pTrustee->ptstrName = Name;
2165 /******************************************************************************
2166 * BuildTrusteeWithObjectsAndNameW [ADVAPI32.@]
2168 VOID WINAPI BuildTrusteeWithObjectsAndNameW( PTRUSTEEW pTrustee, POBJECTS_AND_NAME_W pObjName,
2169 SE_OBJECT_TYPE ObjectType, LPWSTR ObjectTypeName,
2170 LPWSTR InheritedObjectTypeName, LPWSTR Name )
2172 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2173 ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_w(Name));
2175 pTrustee->pMultipleTrustee = NULL;
2176 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2177 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2178 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2179 pTrustee->ptstrName = Name;
2182 VOID WINAPI BuildTrusteeWithObjectsAndSidA( PTRUSTEEA pTrustee, POBJECTS_AND_SID pObjSid,
2183 GUID* pObjectGuid, GUID* pInheritedObjectGuid, PSID pSid )
2185 TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2187 pTrustee->pMultipleTrustee = NULL;
2188 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2189 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2190 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2191 pTrustee->ptstrName = (LPSTR) pSid;
2194 VOID WINAPI BuildTrusteeWithObjectsAndSidW( PTRUSTEEW pTrustee, POBJECTS_AND_SID pObjSid,
2195 GUID* pObjectGuid, GUID* pInheritedObjectGuid, PSID pSid )
2197 TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2199 pTrustee->pMultipleTrustee = NULL;
2200 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2201 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2202 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2203 pTrustee->ptstrName = (LPWSTR) pSid;
2206 /******************************************************************************
2207 * BuildTrusteeWithSidA [ADVAPI32.@]
2209 VOID WINAPI BuildTrusteeWithSidA(PTRUSTEEA pTrustee, PSID pSid)
2211 TRACE("%p %p\n", pTrustee, pSid);
2213 pTrustee->pMultipleTrustee = NULL;
2214 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2215 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2216 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2217 pTrustee->ptstrName = (LPSTR) pSid;
2220 /******************************************************************************
2221 * BuildTrusteeWithSidW [ADVAPI32.@]
2223 VOID WINAPI BuildTrusteeWithSidW(PTRUSTEEW pTrustee, PSID pSid)
2225 TRACE("%p %p\n", pTrustee, pSid);
2227 pTrustee->pMultipleTrustee = NULL;
2228 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2229 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2230 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2231 pTrustee->ptstrName = (LPWSTR) pSid;
2234 /******************************************************************************
2235 * BuildTrusteeWithNameA [ADVAPI32.@]
2237 VOID WINAPI BuildTrusteeWithNameA(PTRUSTEEA pTrustee, LPSTR name)
2239 TRACE("%p %s\n", pTrustee, debugstr_a(name) );
2241 pTrustee->pMultipleTrustee = NULL;
2242 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2243 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2244 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2245 pTrustee->ptstrName = name;
2248 /******************************************************************************
2249 * BuildTrusteeWithNameW [ADVAPI32.@]
2251 VOID WINAPI BuildTrusteeWithNameW(PTRUSTEEW pTrustee, LPWSTR name)
2253 TRACE("%p %s\n", pTrustee, debugstr_w(name) );
2255 pTrustee->pMultipleTrustee = NULL;
2256 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2257 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2258 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2259 pTrustee->ptstrName = name;
2262 BOOL WINAPI SetAclInformation( PACL pAcl, LPVOID pAclInformation,
2263 DWORD nAclInformationLength,
2264 ACL_INFORMATION_CLASS dwAclInformationClass )
2266 FIXME("%p %p 0x%08lx 0x%08x - stub\n", pAcl, pAclInformation,
2267 nAclInformationLength, dwAclInformationClass);
2269 return TRUE;
2272 /******************************************************************************
2273 * SetEntriesInAclA [ADVAPI32.@]
2275 DWORD WINAPI SetEntriesInAclA( ULONG count, PEXPLICIT_ACCESSA pEntries,
2276 PACL OldAcl, PACL* NewAcl )
2278 FIXME("%ld %p %p %p\n",count,pEntries,OldAcl,NewAcl);
2279 return ERROR_CALL_NOT_IMPLEMENTED;
2282 /******************************************************************************
2283 * SetEntriesInAclW [ADVAPI32.@]
2285 DWORD WINAPI SetEntriesInAclW( ULONG count, PEXPLICIT_ACCESSW pEntries,
2286 PACL OldAcl, PACL* NewAcl )
2288 FIXME("%ld %p %p %p\n",count,pEntries,OldAcl,NewAcl);
2289 return ERROR_CALL_NOT_IMPLEMENTED;
2292 /******************************************************************************
2293 * SetNamedSecurityInfoA [ADVAPI32.@]
2295 DWORD WINAPI SetNamedSecurityInfoA(LPSTR pObjectName,
2296 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
2297 PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
2299 DWORD len;
2300 LPWSTR wstr = NULL;
2301 DWORD r;
2303 TRACE("%s %d %ld %p %p %p %p\n", debugstr_a(pObjectName), ObjectType,
2304 SecurityInfo, psidOwner, psidGroup, pDacl, pSacl);
2306 if( pObjectName )
2308 len = MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, NULL, 0 );
2309 wstr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR));
2310 MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, wstr, len );
2313 r = SetNamedSecurityInfoW( wstr, ObjectType, SecurityInfo, psidOwner,
2314 psidGroup, pDacl, pSacl );
2316 HeapFree( GetProcessHeap(), 0, wstr );
2318 return r;
2321 BOOL WINAPI SetPrivateObjectSecurity( SECURITY_INFORMATION SecurityInformation,
2322 PSECURITY_DESCRIPTOR ModificationDescriptor,
2323 PSECURITY_DESCRIPTOR* ObjectsSecurityDescriptor,
2324 PGENERIC_MAPPING GenericMapping,
2325 HANDLE Token )
2327 FIXME("0x%08lx %p %p %p %p - stub\n", SecurityInformation, ModificationDescriptor,
2328 ObjectsSecurityDescriptor, GenericMapping, Token);
2330 return TRUE;
2333 BOOL WINAPI SetSecurityDescriptorControl( PSECURITY_DESCRIPTOR pSecurityDescriptor,
2334 SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest,
2335 SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet )
2337 FIXME("%p 0x%08x 0x%08x - stub\n", pSecurityDescriptor, ControlBitsOfInterest,
2338 ControlBitsToSet);
2340 return TRUE;
2343 BOOL WINAPI AreAllAccessesGranted( DWORD GrantedAccess, DWORD DesiredAccess )
2345 return RtlAreAllAccessesGranted( GrantedAccess, DesiredAccess );
2348 /******************************************************************************
2349 * AreAnyAccessesGranted [ADVAPI32.@]
2351 * Determines whether or not any of a set of specified access permissions have
2352 * been granted or not.
2354 * PARAMS
2355 * GrantedAccess [I] The permissions that have been granted.
2356 * DesiredAccess [I] The permissions that you want to have.
2358 * RETURNS
2359 * Nonzero if any of the permissions have been granted, zero if none of the
2360 * permissions have been granted.
2363 BOOL WINAPI AreAnyAccessesGranted( DWORD GrantedAccess, DWORD DesiredAccess )
2365 return RtlAreAnyAccessesGranted( GrantedAccess, DesiredAccess );
2368 /******************************************************************************
2369 * SetNamedSecurityInfoW [ADVAPI32.@]
2371 DWORD WINAPI SetNamedSecurityInfoW(LPWSTR pObjectName,
2372 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
2373 PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
2375 FIXME("%s %d %ld %p %p %p %p\n", debugstr_w(pObjectName), ObjectType,
2376 SecurityInfo, psidOwner, psidGroup, pDacl, pSacl);
2377 return ERROR_SUCCESS;
2380 /******************************************************************************
2381 * GetExplicitEntriesFromAclA [ADVAPI32.@]
2383 DWORD WINAPI GetExplicitEntriesFromAclA( PACL pacl, PULONG pcCountOfExplicitEntries,
2384 PEXPLICIT_ACCESSA* pListOfExplicitEntries)
2386 FIXME("%p %p %p\n",pacl, pcCountOfExplicitEntries, pListOfExplicitEntries);
2387 return ERROR_CALL_NOT_IMPLEMENTED;
2390 /******************************************************************************
2391 * GetExplicitEntriesFromAclW [ADVAPI32.@]
2393 DWORD WINAPI GetExplicitEntriesFromAclW( PACL pacl, PULONG pcCountOfExplicitEntries,
2394 PEXPLICIT_ACCESSW* pListOfExplicitEntries)
2396 FIXME("%p %p %p\n",pacl, pcCountOfExplicitEntries, pListOfExplicitEntries);
2397 return ERROR_CALL_NOT_IMPLEMENTED;
2401 /******************************************************************************
2402 * ParseAclStringFlags
2404 static DWORD ParseAclStringFlags(LPCWSTR* StringAcl)
2406 DWORD flags = 0;
2407 LPCWSTR szAcl = *StringAcl;
2409 while (*szAcl != '(')
2411 if (*szAcl == 'P')
2413 flags |= SE_DACL_PROTECTED;
2415 else if (*szAcl == 'A')
2417 szAcl++;
2418 if (*szAcl == 'R')
2419 flags |= SE_DACL_AUTO_INHERIT_REQ;
2420 else if (*szAcl == 'I')
2421 flags |= SE_DACL_AUTO_INHERITED;
2423 szAcl++;
2426 *StringAcl = szAcl;
2427 return flags;
2430 /******************************************************************************
2431 * ParseAceStringType
2433 ACEFLAG AceType[] =
2435 { SDDL_ACCESS_ALLOWED, ACCESS_ALLOWED_ACE_TYPE },
2436 { SDDL_ALARM, SYSTEM_ALARM_ACE_TYPE },
2437 { SDDL_AUDIT, SYSTEM_AUDIT_ACE_TYPE },
2438 { SDDL_ACCESS_DENIED, ACCESS_DENIED_ACE_TYPE },
2440 { SDDL_OBJECT_ACCESS_ALLOWED, ACCESS_ALLOWED_OBJECT_ACE_TYPE },
2441 { SDDL_OBJECT_ACCESS_DENIED, ACCESS_DENIED_OBJECT_ACE_TYPE },
2442 { SDDL_OBJECT_ALARM, SYSTEM_ALARM_OBJECT_ACE_TYPE },
2443 { SDDL_OBJECT_AUDIT, SYSTEM_AUDIT_OBJECT_ACE_TYPE },
2445 { NULL, 0 },
2448 static BYTE ParseAceStringType(LPCWSTR* StringAcl)
2450 UINT len = 0;
2451 LPCWSTR szAcl = *StringAcl;
2452 LPACEFLAG lpaf = AceType;
2454 while (lpaf->wstr &&
2455 (len = strlenW(lpaf->wstr)) &&
2456 strncmpW(lpaf->wstr, szAcl, len))
2457 lpaf++;
2459 if (!lpaf->wstr)
2460 return 0;
2462 *StringAcl += len;
2463 return lpaf->value;
2467 /******************************************************************************
2468 * ParseAceStringFlags
2470 ACEFLAG AceFlags[] =
2472 { SDDL_CONTAINER_INHERIT, CONTAINER_INHERIT_ACE },
2473 { SDDL_AUDIT_FAILURE, FAILED_ACCESS_ACE_FLAG },
2474 { SDDL_INHERITED, INHERITED_ACE },
2475 { SDDL_INHERIT_ONLY, INHERIT_ONLY_ACE },
2476 { SDDL_NO_PROPAGATE, NO_PROPAGATE_INHERIT_ACE },
2477 { SDDL_OBJECT_INHERIT, OBJECT_INHERIT_ACE },
2478 { SDDL_AUDIT_SUCCESS, SUCCESSFUL_ACCESS_ACE_FLAG },
2479 { NULL, 0 },
2482 static BYTE ParseAceStringFlags(LPCWSTR* StringAcl)
2484 UINT len = 0;
2485 BYTE flags = 0;
2486 LPCWSTR szAcl = *StringAcl;
2488 while (*szAcl != ';')
2490 LPACEFLAG lpaf = AceFlags;
2492 while (lpaf->wstr &&
2493 (len = strlenW(lpaf->wstr)) &&
2494 strncmpW(lpaf->wstr, szAcl, len))
2495 lpaf++;
2497 if (!lpaf->wstr)
2498 return 0;
2500 flags |= lpaf->value;
2501 szAcl += len;
2504 *StringAcl = szAcl;
2505 return flags;
2509 /******************************************************************************
2510 * ParseAceStringRights
2512 ACEFLAG AceRights[] =
2514 { SDDL_GENERIC_ALL, GENERIC_ALL },
2515 { SDDL_GENERIC_READ, GENERIC_READ },
2516 { SDDL_GENERIC_WRITE, GENERIC_WRITE },
2517 { SDDL_GENERIC_EXECUTE, GENERIC_EXECUTE },
2518 { SDDL_READ_CONTROL, READ_CONTROL },
2519 { SDDL_STANDARD_DELETE, DELETE },
2520 { SDDL_WRITE_DAC, WRITE_DAC },
2521 { SDDL_WRITE_OWNER, WRITE_OWNER },
2522 { NULL, 0 },
2525 static DWORD ParseAceStringRights(LPCWSTR* StringAcl)
2527 UINT len = 0;
2528 DWORD rights = 0;
2529 LPCWSTR szAcl = *StringAcl;
2531 if ((*szAcl == '0') && (*(szAcl + 1) == 'x'))
2533 LPCWSTR p = szAcl;
2535 while (*p && *p != ';')
2536 p++;
2538 if (p - szAcl <= 8)
2540 rights = strtoulW(szAcl, NULL, 16);
2541 *StringAcl = p;
2543 else
2544 WARN("Invalid rights string format: %s\n", debugstr_wn(szAcl, p - szAcl));
2546 else
2548 while (*szAcl != ';')
2550 LPACEFLAG lpaf = AceRights;
2552 while (lpaf->wstr &&
2553 (len = strlenW(lpaf->wstr)) &&
2554 strncmpW(lpaf->wstr, szAcl, len))
2556 lpaf++;
2559 if (!lpaf->wstr)
2560 return 0;
2562 rights |= lpaf->value;
2563 szAcl += len;
2567 *StringAcl = szAcl;
2568 return rights;
2572 /******************************************************************************
2573 * ParseStringAclToAcl
2575 * dacl_flags(string_ace1)(string_ace2)... (string_acen)
2577 static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
2578 PACL pAcl, LPDWORD cBytes)
2580 DWORD val;
2581 DWORD sidlen;
2582 DWORD length = sizeof(ACL);
2583 PACCESS_ALLOWED_ACE pAce = NULL; /* pointer to current ACE */
2585 TRACE("%s\n", debugstr_w(StringAcl));
2587 if (!StringAcl)
2588 return FALSE;
2590 if (pAcl) /* pAce is only useful if we're setting values */
2591 pAce = (PACCESS_ALLOWED_ACE) ((LPBYTE)pAcl + sizeof(PACL));
2593 /* Parse ACL flags */
2594 *lpdwFlags = ParseAclStringFlags(&StringAcl);
2596 /* Parse ACE */
2597 while (*StringAcl == '(')
2599 StringAcl++;
2601 /* Parse ACE type */
2602 val = ParseAceStringType(&StringAcl);
2603 if (pAce)
2604 pAce->Header.AceType = (BYTE) val;
2605 if (*StringAcl != ';')
2606 goto lerr;
2607 StringAcl++;
2609 /* Parse ACE flags */
2610 val = ParseAceStringFlags(&StringAcl);
2611 if (pAce)
2612 pAce->Header.AceFlags = (BYTE) val;
2613 if (*StringAcl != ';')
2614 goto lerr;
2615 StringAcl++;
2617 /* Parse ACE rights */
2618 val = ParseAceStringRights(&StringAcl);
2619 if (pAce)
2620 pAce->Mask = val;
2621 if (*StringAcl != ';')
2622 goto lerr;
2623 StringAcl++;
2625 /* Parse ACE object guid */
2626 if (*StringAcl != ';')
2628 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
2629 goto lerr;
2631 StringAcl++;
2633 /* Parse ACE inherit object guid */
2634 if (*StringAcl != ';')
2636 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
2637 goto lerr;
2639 StringAcl++;
2641 /* Parse ACE account sid */
2642 if (ParseStringSidToSid(StringAcl, pAce ? (PSID)&pAce->SidStart : NULL, &sidlen))
2644 while (*StringAcl && *StringAcl != ')')
2645 StringAcl++;
2648 if (*StringAcl != ')')
2649 goto lerr;
2650 StringAcl++;
2652 length += sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + sidlen;
2655 *cBytes = length;
2656 return TRUE;
2658 lerr:
2659 WARN("Invalid ACE string format\n");
2660 return FALSE;
2664 /******************************************************************************
2665 * ParseStringSecurityDescriptorToSecurityDescriptor
2667 static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
2668 LPCWSTR StringSecurityDescriptor,
2669 SECURITY_DESCRIPTOR* SecurityDescriptor,
2670 LPDWORD cBytes)
2672 BOOL bret = FALSE;
2673 WCHAR toktype;
2674 WCHAR tok[MAX_PATH];
2675 LPCWSTR lptoken;
2676 LPBYTE lpNext = NULL;
2677 DWORD len;
2679 *cBytes = 0;
2681 if (SecurityDescriptor)
2682 lpNext = ((LPBYTE) SecurityDescriptor) + sizeof(SECURITY_DESCRIPTOR);
2684 while (*StringSecurityDescriptor)
2686 toktype = *StringSecurityDescriptor;
2688 /* Expect char identifier followed by ':' */
2689 StringSecurityDescriptor++;
2690 if (*StringSecurityDescriptor != ':')
2692 SetLastError(ERROR_INVALID_PARAMETER);
2693 goto lend;
2695 StringSecurityDescriptor++;
2697 /* Extract token */
2698 lptoken = StringSecurityDescriptor;
2699 while (*lptoken && *lptoken != ':')
2700 lptoken++;
2702 if (*lptoken)
2703 lptoken--;
2705 len = lptoken - StringSecurityDescriptor;
2706 memcpy( tok, StringSecurityDescriptor, len * sizeof(WCHAR) );
2707 tok[len] = 0;
2709 switch (toktype)
2711 case 'O':
2713 DWORD bytes;
2715 if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
2716 goto lend;
2718 if (SecurityDescriptor)
2720 SecurityDescriptor->Owner = (PSID) ((DWORD) lpNext -
2721 (DWORD) SecurityDescriptor);
2722 lpNext += bytes; /* Advance to next token */
2725 *cBytes += bytes;
2727 break;
2730 case 'G':
2732 DWORD bytes;
2734 if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
2735 goto lend;
2737 if (SecurityDescriptor)
2739 SecurityDescriptor->Group = (PSID) ((DWORD) lpNext -
2740 (DWORD) SecurityDescriptor);
2741 lpNext += bytes; /* Advance to next token */
2744 *cBytes += bytes;
2746 break;
2749 case 'D':
2751 DWORD flags;
2752 DWORD bytes;
2754 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
2755 goto lend;
2757 if (SecurityDescriptor)
2759 SecurityDescriptor->Control |= SE_DACL_PRESENT | flags;
2760 SecurityDescriptor->Dacl = (PACL) ((DWORD) lpNext -
2761 (DWORD) SecurityDescriptor);
2762 lpNext += bytes; /* Advance to next token */
2765 *cBytes += bytes;
2767 break;
2770 case 'S':
2772 DWORD flags;
2773 DWORD bytes;
2775 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
2776 goto lend;
2778 if (SecurityDescriptor)
2780 SecurityDescriptor->Control |= SE_SACL_PRESENT | flags;
2781 SecurityDescriptor->Sacl = (PACL) ((DWORD) lpNext -
2782 (DWORD) SecurityDescriptor);
2783 lpNext += bytes; /* Advance to next token */
2786 *cBytes += bytes;
2788 break;
2791 default:
2792 FIXME("Unknown token\n");
2793 SetLastError(ERROR_INVALID_PARAMETER);
2794 goto lend;
2797 StringSecurityDescriptor = lptoken;
2800 bret = TRUE;
2802 lend:
2803 return bret;
2806 /******************************************************************************
2807 * ConvertStringSecurityDescriptorToSecurityDescriptorA [ADVAPI32.@]
2809 BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA(
2810 LPCSTR StringSecurityDescriptor,
2811 DWORD StringSDRevision,
2812 PSECURITY_DESCRIPTOR* SecurityDescriptor,
2813 PULONG SecurityDescriptorSize)
2815 UINT len;
2816 BOOL ret = FALSE;
2817 LPWSTR StringSecurityDescriptorW;
2819 len = MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, NULL, 0);
2820 StringSecurityDescriptorW = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
2822 if (StringSecurityDescriptorW)
2824 MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, StringSecurityDescriptorW, len);
2826 ret = ConvertStringSecurityDescriptorToSecurityDescriptorW(StringSecurityDescriptorW,
2827 StringSDRevision, SecurityDescriptor,
2828 SecurityDescriptorSize);
2829 HeapFree(GetProcessHeap(), 0, StringSecurityDescriptorW);
2832 return ret;
2835 /******************************************************************************
2836 * ConvertStringSecurityDescriptorToSecurityDescriptorW [ADVAPI32.@]
2838 BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW(
2839 LPCWSTR StringSecurityDescriptor,
2840 DWORD StringSDRevision,
2841 PSECURITY_DESCRIPTOR* SecurityDescriptor,
2842 PULONG SecurityDescriptorSize)
2844 DWORD cBytes;
2845 SECURITY_DESCRIPTOR* psd;
2846 BOOL bret = FALSE;
2848 TRACE("%s\n", debugstr_w(StringSecurityDescriptor));
2850 if (GetVersion() & 0x80000000)
2852 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2853 goto lend;
2855 else if (StringSDRevision != SID_REVISION)
2857 SetLastError(ERROR_UNKNOWN_REVISION);
2858 goto lend;
2861 /* Compute security descriptor length */
2862 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
2863 NULL, &cBytes))
2864 goto lend;
2866 psd = *SecurityDescriptor = (SECURITY_DESCRIPTOR*) LocalAlloc(
2867 GMEM_ZEROINIT, cBytes);
2869 psd->Revision = SID_REVISION;
2870 psd->Control |= SE_SELF_RELATIVE;
2872 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
2873 psd, &cBytes))
2875 LocalFree(psd);
2876 goto lend;
2879 if (SecurityDescriptorSize)
2880 *SecurityDescriptorSize = cBytes;
2882 bret = TRUE;
2884 lend:
2885 TRACE(" ret=%d\n", bret);
2886 return bret;
2889 /******************************************************************************
2890 * ConvertStringSidToSidW [ADVAPI32.@]
2892 BOOL WINAPI ConvertStringSidToSidW(LPCWSTR StringSid, PSID* Sid)
2894 BOOL bret = FALSE;
2895 DWORD cBytes;
2897 TRACE("%s, %p\n", debugstr_w(StringSid), Sid);
2898 if (GetVersion() & 0x80000000)
2899 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2900 else if (!StringSid || !Sid)
2901 SetLastError(ERROR_INVALID_PARAMETER);
2902 else if (ParseStringSidToSid(StringSid, NULL, &cBytes))
2904 PSID pSid = *Sid = (PSID) LocalAlloc(0, cBytes);
2906 bret = ParseStringSidToSid(StringSid, pSid, &cBytes);
2907 if (!bret)
2908 LocalFree(*Sid);
2910 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
2911 return bret;
2914 /******************************************************************************
2915 * ConvertStringSidToSidA [ADVAPI32.@]
2917 BOOL WINAPI ConvertStringSidToSidA(LPCSTR StringSid, PSID* Sid)
2919 BOOL bret = FALSE;
2921 TRACE("%s, %p\n", debugstr_a(StringSid), Sid);
2922 if (GetVersion() & 0x80000000)
2923 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2924 else if (!StringSid || !Sid)
2925 SetLastError(ERROR_INVALID_PARAMETER);
2926 else
2928 UINT len = MultiByteToWideChar(CP_ACP, 0, StringSid, -1, NULL, 0);
2929 LPWSTR wStringSid = HeapAlloc(GetProcessHeap(), 0,
2930 len * sizeof(WCHAR));
2932 MultiByteToWideChar(CP_ACP, 0, StringSid, -1, wStringSid, len);
2933 bret = ConvertStringSidToSidW(wStringSid, Sid);
2934 HeapFree(GetProcessHeap(), 0, wStringSid);
2936 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
2937 return bret;
2940 /******************************************************************************
2941 * ConvertSidToStringSidW [ADVAPI32.@]
2943 * format of SID string is:
2944 * S-<count>-<auth>-<subauth1>-<subauth2>-<subauth3>...
2945 * where
2946 * <rev> is the revision of the SID encoded as decimal
2947 * <auth> is the identifier authority encoded as hex
2948 * <subauthN> is the subauthority id encoded as decimal
2950 BOOL WINAPI ConvertSidToStringSidW( PSID pSid, LPWSTR *pstr )
2952 DWORD sz, i;
2953 LPWSTR str;
2954 WCHAR fmt[] = { 'S','-','%','u','-','%','d',0 };
2955 WCHAR subauthfmt[] = { '-','%','u',0 };
2956 SID* pisid=pSid;
2958 TRACE("%p %p\n", pSid, pstr );
2960 if( !IsValidSid( pSid ) )
2961 return FALSE;
2963 if (pisid->Revision != SDDL_REVISION)
2964 return FALSE;
2965 if (pisid->IdentifierAuthority.Value[0] ||
2966 pisid->IdentifierAuthority.Value[1])
2968 FIXME("not matching MS' bugs\n");
2969 return FALSE;
2972 sz = 14 + pisid->SubAuthorityCount * 11;
2973 str = LocalAlloc( 0, sz*sizeof(WCHAR) );
2974 sprintfW( str, fmt, pisid->Revision, MAKELONG(
2975 MAKEWORD( pisid->IdentifierAuthority.Value[5],
2976 pisid->IdentifierAuthority.Value[4] ),
2977 MAKEWORD( pisid->IdentifierAuthority.Value[3],
2978 pisid->IdentifierAuthority.Value[2] ) ) );
2979 for( i=0; i<pisid->SubAuthorityCount; i++ )
2980 sprintfW( str + strlenW(str), subauthfmt, pisid->SubAuthority[i] );
2981 *pstr = str;
2983 return TRUE;
2986 /******************************************************************************
2987 * ConvertSidToStringSidA [ADVAPI32.@]
2989 BOOL WINAPI ConvertSidToStringSidA(PSID pSid, LPSTR *pstr)
2991 LPWSTR wstr = NULL;
2992 LPSTR str;
2993 UINT len;
2995 TRACE("%p %p\n", pSid, pstr );
2997 if( !ConvertSidToStringSidW( pSid, &wstr ) )
2998 return FALSE;
3000 len = WideCharToMultiByte( CP_ACP, 0, wstr, -1, NULL, 0, NULL, NULL );
3001 str = LocalAlloc( 0, len );
3002 WideCharToMultiByte( CP_ACP, 0, wstr, -1, str, len, NULL, NULL );
3003 LocalFree( wstr );
3005 *pstr = str;
3007 return TRUE;
3010 BOOL WINAPI CreatePrivateObjectSecurity(
3011 PSECURITY_DESCRIPTOR ParentDescriptor,
3012 PSECURITY_DESCRIPTOR CreatorDescriptor,
3013 PSECURITY_DESCRIPTOR* NewDescriptor,
3014 BOOL IsDirectoryObject,
3015 HANDLE Token,
3016 PGENERIC_MAPPING GenericMapping )
3018 FIXME("%p %p %p %d %p %p - stub\n", ParentDescriptor, CreatorDescriptor,
3019 NewDescriptor, IsDirectoryObject, Token, GenericMapping);
3021 return FALSE;
3024 BOOL WINAPI DestroyPrivateObjectSecurity( PSECURITY_DESCRIPTOR* ObjectDescriptor )
3026 FIXME("%p - stub\n", ObjectDescriptor);
3028 return TRUE;
3031 BOOL WINAPI CreateProcessAsUserA(
3032 HANDLE hToken,
3033 LPCSTR lpApplicationName,
3034 LPSTR lpCommandLine,
3035 LPSECURITY_ATTRIBUTES lpProcessAttributes,
3036 LPSECURITY_ATTRIBUTES lpThreadAttributes,
3037 BOOL bInheritHandles,
3038 DWORD dwCreationFlags,
3039 LPVOID lpEnvironment,
3040 LPCSTR lpCurrentDirectory,
3041 LPSTARTUPINFOA lpStartupInfo,
3042 LPPROCESS_INFORMATION lpProcessInformation )
3044 FIXME("%p %s %s %p %p %d 0x%08lx %p %s %p %p - stub\n", hToken, debugstr_a(lpApplicationName),
3045 debugstr_a(lpCommandLine), lpProcessAttributes, lpThreadAttributes, bInheritHandles,
3046 dwCreationFlags, lpEnvironment, debugstr_a(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
3048 return FALSE;
3051 BOOL WINAPI CreateProcessAsUserW(
3052 HANDLE hToken,
3053 LPCWSTR lpApplicationName,
3054 LPWSTR lpCommandLine,
3055 LPSECURITY_ATTRIBUTES lpProcessAttributes,
3056 LPSECURITY_ATTRIBUTES lpThreadAttributes,
3057 BOOL bInheritHandles,
3058 DWORD dwCreationFlags,
3059 LPVOID lpEnvironment,
3060 LPCWSTR lpCurrentDirectory,
3061 LPSTARTUPINFOW lpStartupInfo,
3062 LPPROCESS_INFORMATION lpProcessInformation )
3064 FIXME("%p %s %s %p %p %d 0x%08lx %p %s %p %p - semi- stub\n", hToken,
3065 debugstr_w(lpApplicationName), debugstr_w(lpCommandLine), lpProcessAttributes,
3066 lpThreadAttributes, bInheritHandles, dwCreationFlags, lpEnvironment,
3067 debugstr_w(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
3069 /* We should create the process with a suspended main thread */
3070 if (!CreateProcessW (lpApplicationName,
3071 lpCommandLine,
3072 lpProcessAttributes,
3073 lpThreadAttributes,
3074 bInheritHandles,
3075 dwCreationFlags, /* CREATE_SUSPENDED */
3076 lpEnvironment,
3077 lpCurrentDirectory,
3078 lpStartupInfo,
3079 lpProcessInformation))
3081 return FALSE;
3084 return TRUE;
3087 /******************************************************************************
3088 * ComputeStringSidSize
3090 static DWORD ComputeStringSidSize(LPCWSTR StringSid)
3092 int ctok = 0;
3093 DWORD size = sizeof(SID);
3095 while (*StringSid)
3097 if (*StringSid == '-')
3098 ctok++;
3099 StringSid++;
3102 if (ctok > 3)
3103 size += (ctok - 3) * sizeof(DWORD);
3105 return size;
3108 BOOL WINAPI DuplicateTokenEx(
3109 HANDLE ExistingTokenHandle, DWORD dwDesiredAccess,
3110 LPSECURITY_ATTRIBUTES lpTokenAttributes,
3111 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
3112 TOKEN_TYPE TokenType,
3113 PHANDLE DuplicateTokenHandle )
3115 OBJECT_ATTRIBUTES ObjectAttributes;
3117 TRACE("%p 0x%08lx 0x%08x 0x%08x %p\n", ExistingTokenHandle, dwDesiredAccess,
3118 ImpersonationLevel, TokenType, DuplicateTokenHandle);
3120 InitializeObjectAttributes(
3121 &ObjectAttributes,
3122 NULL,
3123 (lpTokenAttributes && lpTokenAttributes->bInheritHandle) ? OBJ_INHERIT : 0,
3124 NULL,
3125 lpTokenAttributes ? lpTokenAttributes->lpSecurityDescriptor : NULL );
3127 return set_ntstatus( NtDuplicateToken( ExistingTokenHandle,
3128 dwDesiredAccess,
3129 &ObjectAttributes,
3130 ImpersonationLevel,
3131 TokenType,
3132 DuplicateTokenHandle ) );
3135 BOOL WINAPI DuplicateToken(
3136 HANDLE ExistingTokenHandle,
3137 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
3138 PHANDLE DuplicateTokenHandle )
3140 return DuplicateTokenEx( ExistingTokenHandle, 0, NULL, ImpersonationLevel,
3141 TokenImpersonation, DuplicateTokenHandle );
3144 BOOL WINAPI EnumDependentServicesA(
3145 SC_HANDLE hService,
3146 DWORD dwServiceState,
3147 LPENUM_SERVICE_STATUSA lpServices,
3148 DWORD cbBufSize,
3149 LPDWORD pcbBytesNeeded,
3150 LPDWORD lpServicesReturned )
3152 FIXME("%p 0x%08lx %p 0x%08lx %p %p - stub\n", hService, dwServiceState,
3153 lpServices, cbBufSize, pcbBytesNeeded, lpServicesReturned);
3155 return FALSE;
3158 BOOL WINAPI EnumDependentServicesW(
3159 SC_HANDLE hService,
3160 DWORD dwServiceState,
3161 LPENUM_SERVICE_STATUSW lpServices,
3162 DWORD cbBufSize,
3163 LPDWORD pcbBytesNeeded,
3164 LPDWORD lpServicesReturned )
3166 FIXME("%p 0x%08lx %p 0x%08lx %p %p - stub\n", hService, dwServiceState,
3167 lpServices, cbBufSize, pcbBytesNeeded, lpServicesReturned);
3169 return FALSE;
3172 /******************************************************************************
3173 * ParseStringSidToSid
3175 static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes)
3177 BOOL bret = FALSE;
3178 SID* pisid=pSid;
3180 TRACE("%s, %p, %p\n", debugstr_w(StringSid), pSid, cBytes);
3181 if (!StringSid)
3183 SetLastError(ERROR_INVALID_PARAMETER);
3184 TRACE("StringSid is NULL, returning FALSE\n");
3185 return FALSE;
3188 *cBytes = ComputeStringSidSize(StringSid);
3189 if (!pisid) /* Simply compute the size */
3191 TRACE("only size requested, returning TRUE\n");
3192 return TRUE;
3195 if (*StringSid != 'S' || *StringSid != '-') /* S-R-I-S-S */
3197 DWORD i = 0, identAuth;
3198 DWORD csubauth = ((*cBytes - sizeof(SID)) / sizeof(DWORD)) + 1;
3200 StringSid += 2; /* Advance to Revision */
3201 pisid->Revision = atoiW(StringSid);
3203 if (pisid->Revision != SDDL_REVISION)
3205 TRACE("Revision %d is unknown\n", pisid->Revision);
3206 goto lend; /* ERROR_INVALID_SID */
3208 if (csubauth == 0)
3210 TRACE("SubAuthorityCount is 0\n");
3211 goto lend; /* ERROR_INVALID_SID */
3214 pisid->SubAuthorityCount = csubauth;
3216 /* Advance to identifier authority */
3217 while (*StringSid && *StringSid != '-')
3218 StringSid++;
3219 if (*StringSid == '-')
3220 StringSid++;
3222 /* MS' implementation can't handle values greater than 2^32 - 1, so
3223 * we don't either; assume most significant bytes are always 0
3225 pisid->IdentifierAuthority.Value[0] = 0;
3226 pisid->IdentifierAuthority.Value[1] = 0;
3227 identAuth = atoiW(StringSid);
3228 pisid->IdentifierAuthority.Value[5] = identAuth & 0xff;
3229 pisid->IdentifierAuthority.Value[4] = (identAuth & 0xff00) >> 8;
3230 pisid->IdentifierAuthority.Value[3] = (identAuth & 0xff0000) >> 16;
3231 pisid->IdentifierAuthority.Value[2] = (identAuth & 0xff000000) >> 24;
3233 /* Advance to first sub authority */
3234 while (*StringSid && *StringSid != '-')
3235 StringSid++;
3236 if (*StringSid == '-')
3237 StringSid++;
3239 while (*StringSid)
3241 while (*StringSid && *StringSid != '-')
3242 StringSid++;
3244 pisid->SubAuthority[i++] = atoiW(StringSid);
3247 if (i != pisid->SubAuthorityCount)
3248 goto lend; /* ERROR_INVALID_SID */
3250 bret = TRUE;
3252 else /* String constant format - Only available in winxp and above */
3254 pisid->Revision = SDDL_REVISION;
3255 pisid->SubAuthorityCount = 1;
3257 FIXME("String constant not supported: %s\n", debugstr_wn(StringSid, 2));
3259 /* TODO: Lookup string of well-known SIDs in table */
3260 pisid->IdentifierAuthority.Value[5] = 0;
3261 pisid->SubAuthority[0] = 0;
3263 bret = TRUE;
3266 lend:
3267 if (!bret)
3268 SetLastError(ERROR_INVALID_SID);
3270 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
3271 return bret;
3274 /******************************************************************************
3275 * GetNamedSecurityInfoA [ADVAPI32.@]
3277 DWORD WINAPI GetNamedSecurityInfoA(LPSTR pObjectName,
3278 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
3279 PSID* ppsidOwner, PSID* ppsidGroup, PACL* ppDacl, PACL* ppSacl,
3280 PSECURITY_DESCRIPTOR* ppSecurityDescriptor)
3282 DWORD len;
3283 LPWSTR wstr = NULL;
3284 DWORD r;
3286 TRACE("%s %d %ld %p %p %p %p %p\n", pObjectName, ObjectType, SecurityInfo,
3287 ppsidOwner, ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor);
3289 if( pObjectName )
3291 len = MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, NULL, 0 );
3292 wstr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR));
3293 MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, wstr, len );
3296 r = GetNamedSecurityInfoW( wstr, ObjectType, SecurityInfo, ppsidOwner,
3297 ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor );
3299 HeapFree( GetProcessHeap(), 0, wstr );
3301 return r;
3304 /******************************************************************************
3305 * GetNamedSecurityInfoW [ADVAPI32.@]
3307 DWORD WINAPI GetNamedSecurityInfoW( LPWSTR name, SE_OBJECT_TYPE type,
3308 SECURITY_INFORMATION info, PSID* owner, PSID* group, PACL* dacl,
3309 PACL* sacl, PSECURITY_DESCRIPTOR* descriptor )
3311 DWORD needed, offset;
3312 SECURITY_DESCRIPTOR_RELATIVE *relative;
3313 BYTE *buffer;
3315 TRACE( "%s %d %ld %p %p %p %p %p\n", debugstr_w(name), type, info, owner,
3316 group, dacl, sacl, descriptor );
3318 if (!name || !descriptor) return ERROR_INVALID_PARAMETER;
3320 needed = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
3321 if (info & OWNER_SECURITY_INFORMATION)
3322 needed += sizeof(sidWorld);
3323 if (info & GROUP_SECURITY_INFORMATION)
3324 needed += sizeof(sidWorld);
3325 if (info & DACL_SECURITY_INFORMATION)
3326 needed += WINE_SIZE_OF_WORLD_ACCESS_ACL;
3327 if (info & SACL_SECURITY_INFORMATION)
3328 needed += WINE_SIZE_OF_WORLD_ACCESS_ACL;
3330 /* must be freed by caller */
3331 *descriptor = HeapAlloc( GetProcessHeap(), 0, needed );
3332 if (!*descriptor) return ERROR_NOT_ENOUGH_MEMORY;
3334 if (!InitializeSecurityDescriptor( *descriptor, SECURITY_DESCRIPTOR_REVISION ))
3336 HeapFree( GetProcessHeap(), 0, *descriptor );
3337 return ERROR_INVALID_SECURITY_DESCR;
3340 relative = (SECURITY_DESCRIPTOR_RELATIVE *)*descriptor;
3341 relative->Control |= SE_SELF_RELATIVE;
3342 buffer = (BYTE *)relative;
3343 offset = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
3345 if (owner && (info & OWNER_SECURITY_INFORMATION))
3347 memcpy( buffer + offset, &sidWorld, sizeof(sidWorld) );
3348 relative->Owner = offset;
3349 *owner = buffer + offset;
3350 offset += sizeof(sidWorld);
3352 if (group && (info & GROUP_SECURITY_INFORMATION))
3354 memcpy( buffer + offset, &sidWorld, sizeof(sidWorld) );
3355 relative->Group = offset;
3356 *group = buffer + offset;
3357 offset += sizeof(sidWorld);
3359 if (dacl && (info & DACL_SECURITY_INFORMATION))
3361 GetWorldAccessACL( (PACL)(buffer + offset) );
3362 relative->Dacl = offset;
3363 *dacl = (PACL)(buffer + offset);
3364 offset += WINE_SIZE_OF_WORLD_ACCESS_ACL;
3366 if (sacl && (info & SACL_SECURITY_INFORMATION))
3368 GetWorldAccessACL( (PACL)(buffer + offset) );
3369 relative->Sacl = offset;
3370 *sacl = (PACL)(buffer + offset);
3372 return ERROR_SUCCESS;
3375 /******************************************************************************
3376 * DecryptFileW [ADVAPI32.@]
3378 BOOL WINAPI DecryptFileW(LPCWSTR lpFileName, DWORD dwReserved)
3380 FIXME("%s %08lx\n", debugstr_w(lpFileName), dwReserved);
3381 return TRUE;
3384 /******************************************************************************
3385 * DecryptFileA [ADVAPI32.@]
3387 BOOL WINAPI DecryptFileA(LPCSTR lpFileName, DWORD dwReserved)
3389 FIXME("%s %08lx\n", debugstr_a(lpFileName), dwReserved);
3390 return TRUE;
3393 /******************************************************************************
3394 * EncryptFileW [ADVAPI32.@]
3396 BOOL WINAPI EncryptFileW(LPCWSTR lpFileName)
3398 FIXME("%s\n", debugstr_w(lpFileName));
3399 return TRUE;
3402 /******************************************************************************
3403 * EncryptFileA [ADVAPI32.@]
3405 BOOL WINAPI EncryptFileA(LPCSTR lpFileName)
3407 FIXME("%s\n", debugstr_a(lpFileName));
3408 return TRUE;
3411 /******************************************************************************
3412 * SetSecurityInfo [ADVAPI32.@]
3414 DWORD WINAPI SetSecurityInfo(HANDLE handle, SE_OBJECT_TYPE ObjectType,
3415 SECURITY_INFORMATION SecurityInfo, PSID psidOwner,
3416 PSID psidGroup, PACL pDacl, PACL pSacl) {
3417 FIXME("stub\n");
3418 return ERROR_SUCCESS;